Cybernews

Reports link ShinyHunters to SSO vishing attacks, but key details reserved for Okta paying customers

There are reports that threat actor ShinyHunters is behind an active voice phishing campaign, aimed at stealing single ...

Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest ...

ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs

'A lot more' victims to come, we're told ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during ...
SDxCentral

Okta Optimizes No-Code for Identity Management

Okta introduced no-code extensibility for identity proofing, consent management, customer data platforms, and progressive profiling in a move to improve developer velocity so those teams can ...

ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...
HealthcareInfoSecurity

Voice Phishing Okta Customers: ShinyHunters Claims Credit

A surge in attacks that bypass some types of multifactor authentication has been tied to a new generation of voice-phishing toolkits that give attackers the ability ...

Okta SSO accounts targeted in vishing-based data theft attacks

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks.
The Verge

An Okta login bug bypassed checking passwords on some long usernames

The vulnerability is fixed now, but Okta said that for three months it could’ve been used to access accounts with usernames stretching at least 52 characters long. The vulnerability is fixed now, but ...