Service Bulletins and Announcements

Security

Enabling REFEDS MFA in your FIM Identity Provider

Many cybersecurity experts agree that Multi-Factor Authentication (MFA) is the single most effective defense against password hacking. MFA enhances security by requiring two or more independent and distinct factors…

Log4j Advisory for CAF Participants

A zero-day exploit has been reported against the Apache logging library — Log4j – that can allow an attacker to remotely execute code. This vulnerability has been reported with the highest criticality ranking of 10/10 and requires immediate attention to mitigate the risk.

Security Advisory for Azure AD User Consent Settings

If your organization is among 95-97% of Canadian research and education organizations that use Azure Active Directory (AAD), a simple default setting may be exposing your users’ personal data to third party applications/services in Azure.

Multifactor Authentication (MFA) Deadline at National Institutes of Health (NIH)

To strengthen cybersecurity practices, research and education organizations are implementing MFA and requiring it for access to critical resources and services. One such organization is the National Institutes of Health (NIH) from the United States.

Shibboleth v4 Upgrade Guidance

Regardless of the platform you use, keeping current on your Identity Provider (IdP) software is a vital factor in your organization’s security practices…

Security Bulletin for SAML2 Service Providers

A new flaw has been found in the XML processing performed by various SAML Service Providers…

Security Advisory for Shibboleth Service Providers

A security advisory for the Shibboleth Service Provider software was published for both Linux and Windows platforms…

Using SAML Proxying in the Shibboleth IdP to Connect with Azure AD

The most current version of this technical guide is located on the Shibboleth Wiki located here.

General Topics

ADFSToolkit

CANARIE is pleased to announce the addition of ADFSToolkit functionality to the Canadian Access Federation (CAF) Federated Identity Management (FIM) service…