21 min listen
Code comments cause SAML conundrum. [Research Saturday]
FromCyberWire Daily
ratings:
Length:
19 minutes
Released:
Mar 24, 2018
Format:
Podcast episode
Description
Researchers at Duo Security recently unearthed a new vulnerability class that affects SAML-based single sign-on (SSO) systems. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim user’s password.
Kelby Ludwig is a Senior Application Security Engineer at Duo security, and he takes us through his discoveries.
Kelby Ludwig is a Senior Application Security Engineer at Duo security, and he takes us through his discoveries.
Released:
Mar 24, 2018
Format:
Podcast episode
More Episodes from CyberWire Daily
Encore: Welcome to New York, it's been waitin' for you. [Research Saturday] by CyberWire Daily