SecureAuth Joins OpenID to Drive Interoperability & Authentication for Identity Security Across Cloud & Mobile

Today, SecureAuth is an official member of the OpenID Foundation, a non-profit international standardization ...
Martin Gallo
SecureAuth uncovers SAML validation weakness in SAP HANA

This blog post details a specific vulnerability affecting SAP’s HANA implementation of the SAML standard. This ...
Martin Gallo
SecureAuth Innovation Labs – New Impacket Release Available Today!

As of January 2023, Fortra's Core Security now hosts and maintains Impacket. They will continue to develop both ...
Leandro Cuozzo
Exploring the SAP HANA SQL Command Network Protocol – Federated Authentication

We continue our journey into SAP security topics. The following is the third part of a series exploring the HANA ...
Martin Gallo
Exploring the SAP HANA SQL Command Network Protocol – Password-based Authentication and TLS

In this article about SAP security topics, we continue exploring the HANA SQL Command Network Protocol, now ...
Martin Gallo
Exploring the SAP HANA SQL Command Network Protocol – Protocol Basics and Authentication

With this post we continue our series about enterprise software and SAP security articles. I will cover the basics ...
Martin Gallo
Why Browser Fingerprinting is Creating Challenges for Identity Security

Uniquely identifying the user’s device or browser when accessing an online resource can be useful in very ...
Martin Gallo
Revisiting the Old and Looking at New Potential SAP Vulnerabilities

This post is the first of a series of articles refloating some old notes about enterprise software, SAP security ...
Martin Gallo
What is old is new again: The Relay Attack

The NTLM (NT Lan Manager) relay attack is a well-known attack method that has been around for many years. Anybody ...
Leandro Cuozzo
Hijacking 2FA – A look at Mobile Malware Through an Identity Lens

In the last weeks, several news outlets reported on a new Android malware variant that added ...
Martin Gallo

Playing with Relayed Credentials

During penetration testing exercises, the ability to make a victim connect to an attacker’s controlled host ...
Alberto Solino

Kerberos Delegation, SPNs and More…

During the past few years, there has been an increasing amount of research around Kerberos security, leading to ...
Alberto Solino
