Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA
Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials
Okta is an identity and access management platform whose authentication services affect account security, access control, and breach response.
Search across headline titles and summaries.
Background for this topic.
Okta is a cloud identity and access management platform used to authenticate people, issue access to applications, and administer workforce or customer identities. Its capabilities commonly include single sign-on, multifactor authentication, directory and lifecycle management, and policy-based authorization across SaaS, on-premises, and custom applications.
Because Okta can control access to many systems, its administrator accounts, identity APIs, integrations, and authentication sessions are high-value security surfaces. Organizations should apply least privilege, phishing-resistant MFA where feasible, careful separation of administrative roles, and prompt removal of departing users; misconfigured federation or provisioning can otherwise grant excessive or persistent access. Logs covering administrator activity, authentication events, token use, and changes to applications or policies support detection and incident response. Security advisories and vulnerability assessments should include Okta agents, connectors, browser components, and downstream integrations, while investigations should consider revoking sessions and rotating affected credentials.
Weekly headline count for the current query.
Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials
Okta says over 46% of new customer registrations are bot-driven fraud attempts
Okta has issued customers with new advice on how to block mounting credential stuffing attacks
Cloudflare revealed suspected nation-state attackers compromised its systems and accessed source code using credentials stolen in the Okta breach
Exposure is limited to names and emails for most
Several suffered follow-on session hijacking attacks
Threat actor accessed case management system
The flaw derives from the way the Okta system records failed login attempts to instances
Despite using low-skill methods, the campaign compromised a large number of well-known companies
The complex interrelation between trust, privacy and cybersecurity was discussed by experts during Okta Forum 2022
Authentication vendor completes investigation into incident
Firm confirms hackers accessed internal systems via RDP
Microsoft also admits it was hit by ransom group
Concerns rise that ransomware group used access to target customers