6 Okta security settings you might have overlooked

Okta misconfigurations can quietly weaken identity security as SaaS environments evolve. Nudge Security shows six Okta security settings teams often overlook and how to fix them.
Infosecurity Magazine

Okta Flags Customised, Reactive Vishing Attacks Which Bypass MFA

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into ...

ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...

Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest ...

Okta Uncovers Custom Phishing Kits Built for Vishing Callers

They can intercept user credentials while providing real-time context that helps attackers convince victims to approve MFA ...

Crims hit the easy button for Scattered-Spider style helpdesk scams

Teach a crook to phish… Criminals can more easily pull off social engineering scams and other forms of identity fraud thanks ...
SecurityWeek

Over 100 Organizations Targeted in ShinyHunters Phishing Campaign

Many major organizations appear to have been targeted in a recent cybercrime campaign linked to the ShinyHunters group.
SecurityWeek

Why Identity Security Must Move Beyond MFA

Organizations with a comprehensive identity security strategy are better positioned to defend against evolving threats and ...
The Hacker News

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft reports a multi-stage AitM phishing and BEC campaign abusing SharePoint, inbox rules, and stolen session cookies to ...

North Korean hackers using malicious QR codes in spear phishing, FBI warns

Kimsuky's latest attacks can bypass email protections and MFA to steal M365 and VPN accounts.
Homeland Security Today

North Korean Hackers Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities

The Federal Bureau of Investigation (FBI) has released a "FLASH" to alert NGOs, think tanks, academia, and other foreign ...
The Daily Athenaeum

Students, faculty frustrated with Okta Verify

Many students and faculty members are dissatisfied with Okta Verify, WVU’s new two-factor authentication system.