fbpx

Cloudflare

Shadow IT use at Okta behind series of damaging breaches

An Okta employee who signed into their personal Google account on a company-owned device appears to have been the source a breach that is now known to have impacted a total of 134 downstream customers, including several other suppliers of authentication services. The breach, which began on 28 September and lasted until 17 October, saw…

Shadow IT use at Okta behind series of damaging breaches Read More »

Microsoft warns over growing threat from Octo Tempest gang

A gang of native English-speaking cyber criminals who began their careers as social engineers in support of so-called SIM swapping attacks and cryptocurrency fraud, and have since graduated to cyber extortion, is rapidly emerging as one of the most dangerous financially motivated cyber crime groups operating today, according to information on the gang released by…

Microsoft warns over growing threat from Octo Tempest gang Read More »

1Password caught up in Okta support breach

Credential management software supplier 1Password has disclosed it has been caught up in the same breach of the tech support systems of fellow identity and access management (IAM) specialist Okta that impacted BeyondTrust and Cloudflare. 1Password chief technology officer (CTO) Pedro Canahuati said the firm detected suspicious activity on the Okta tenant it uses to…

1Password caught up in Okta support breach Read More »

Customers speak out over Okta’s response to latest breach

Cyber security companies BeyondTrust and Cloudflare have criticised identity and access management (IAM) specialist Okta after both became ensnared in yet another cyber attack against the latter’s systems. BeyondTrust said it detected an identity-centric attack on an in-house Okta admin account on 2 October 2023, which used a valid session cookie stolen from Okta. It…

Customers speak out over Okta’s response to latest breach Read More »

National Crime Agency sting operation infiltrates cyber crime market

The National Crime Agency has infiltrated a cyber crime marketplace by setting up websites pretending to offer the tools needed to mount distributed denial of service (DDoS) attacks. The sting was part of an international law enforcement response targeting criminal DDoS-for-hire infrastructures worldwide, known as Operation PowerOff. Several thousand people have accessed these websites, which…

National Crime Agency sting operation infiltrates cyber crime market Read More »

Scroll to Top