A common user mistake can lead to compromised Okta login credentials

Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those credentials can then be used log in to any of the organization’s platforms that use Okta single sign-on (SSO) or – if the login credentials belong to an administrator – to gain privileged access to other systems or restricted network areas.

Read full article on Help Net Security

 


Date:

Categorie(s):

Tag(s):