Archive.fm

CyberWire Daily

Code comments cause SAML conundrum. [Research Saturday]

Researchers at Duo Security recently unearthed a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password. Kelby Ludwig is a Senior Application Security Engineer at Duo security, and he takes us through his discoveries.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Broadcast on:
24 Mar 2018

Researchers at Duo Security recently unearthed a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password.

Kelby Ludwig is a Senior Application Security Engineer at Duo security, and he takes us through his discoveries

Learn more about your ad choices. Visit megaphone.fm/adchoices