![]() Some of the other customers who have been affected by the incident include BeyondTrust and Cloudflare. ![]() The company told The Hacker News that the event impacted about 1 percent of its customer base. The development comes days after Okta revealed that unidentified threat actors leveraged a stolen credential to break into its support case management system and steal sensitive HAR files that can be used to infiltrate the networks of its customers. ![]() It's worth pointing out that the identity services provider had previously warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions.Īs of writing, it's currently not known if the attacks have any connection to Scattered Spider (aka 0ktapus, Scatter Swine, or UNC3944), which has a track record of targeting Okta using social engineering attacks to obtain elevated privileges. "Corroborating with Okta support, it was established that this incident shares similarities of a known campaign where threat actors will compromise super admin accounts, then attempt to manipulate authentication flows and establish a secondary identity provider to impersonate users within the affected organization," 1Password said. 1Password further said it has since taken a number of steps to bolster security by denying logins from non-Okta IDPs, reducing session times for administrative users, tighter multi-factor authentication (MFA) rules for admins, and decreasing the number of super administrators.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |