Vulnerabilities in Single Sign-On Services Could be Abused to Bypass Authentication

Vulnerabilities
Share It On:

25th April 2021, Kathmandu

Vulnerabilities in Single Sign-On services could be abused to bypass authentication controls

A category of vulnerability detected in a number of Single Signal-On (SSO) companies may enable attackers to hack into company techniques, safety researchers at NCC Group warn.

SSO expertise is a strategy for authentication and identification administration that enables enterprise customers to entry to an array of company functions via a single (usually third-party) service.

The expertise, which has been extensively adopted amongst enterprises, affords comfort to customers as a result of it will get around the necessity to handle a number of office passwords.

In addition to reducing down on helpdesk calls, the expertise affords a solution to handle credentials and privileges from a single location and will increase safety – a minimum of in concept.

Safety researcher Adam Roberts of NCC Group has found related vulnerabilities in a number of SSO companies that depend on Safety Assertion Markup Language (SAML) to authenticate customers.

These implementation flaws create a possible means to interrupt into techniques and trigger all methods of mischief, Roberts warns in a technical blog post.


Share It On:

Recent Posts

Dursikshya Education Network Successfully Concludes Finals of Discovery Education & Edutech’s National Coding Competition – Nepal Edition

Dursikshya Education Network Successfully Concludes Finals of Discovery Education &

Share It On:22nd December 2024, Kathmandu Dursikshya Education Network, in collaboration with Edutech India, Discovery Education UK, and ICT Frame

Child Online Protection in Nepal: Insights From UNICEF and ChildSafeNet Dialogue

Child Online Protection in Nepal: Insights From UNICEF and ChildSafeNet

Share It On:21st December 2024, Kathmandu A high-level dialogue on child online protection organized by UNICEF, in partnership with ChildSafeNet,

Support Your NPL Team With Ncell’s Exclusive PRBTs

Support Your NPL Team With Ncell’s Exclusive PRBTs

Share It On:20th December 2024, Kathmandu As the finale of the Nepal Premier League (NPL), the ‘Festival of the Himalayas,’

Garima Bank Cash Dividend Proposal: 5% for Shareholders

Garima Bank Cash Dividend Proposal: 5% for Shareholders

Share It On: 20th December 2024, Kathmandu Garima Bikas Bank has announced its decision to offer a cash dividend to

Citizens Bank and SM Dental Partnership: Exclusive Discounts for Digital Payment Users

Citizens Bank and SM Dental Partnership: Exclusive Discounts for Digital

Share It On: 20th December 2024, kathmandu Citizens Bank International Limited has formed a strategic partnership with SM Dental and

Nabil Bank Toll-Free Number for Easy Banking Support: 24/7 Access to Assistance

Nabil Bank Toll-Free Number for Easy Banking Support: 24/7 Access

Share It On: 20th December 2024, kathmandu Nabil Bank Limited has rolled out a new initiative to improve customer support