Tag: okta

Phishing Campaign Exploits Ads to Breach Hotel Property Management Systems

Sep 1, 2025 2:20 PM

Tags: breach, cloud, credentials, cyber, exploit, google, intelligence, login, malicious, malware, okta, phishing, service, threat

A sophisticated malvertising campaign has emerged that specifically targets hoteliers and vacation rental operators by impersonating well-known service providers. Okta Threat Intelligence reports that attackers have used malicious search engine advertisements”, particularly sponsored ads on Google Search”, to lure unsuspecting hospitality professionals to counterfeit login portals. The ultimate goal: harvesting credentials for cloud-based property management…
Okta ‘Accelerating’ Privileged Access Growth Amid Shift To Agentic: COO

Aug 27, 2025 1:23 AM

Tags: access, identity, okta

Okta beat analyst expectations for its latest quarter Tuesday even as the identity security vendor signaled that it aims to ramp up its expansion in privileged access management with the planned acquisition of Axiom Security. First seen on crn.com Jump to article: www.crn.com/news/security/2025/okta-accelerating-privileged-access-growth-amid-shift-to-agentic-coo
Okta to Purchase Axiom Security to Bolster Privileged Access

Aug 27, 2025 12:23 AM

Tags: access, container, kubernetes, okta, startup

Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&A. By acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta’s existing privileged access capabilities. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/okta-to-purchase-axiom-security-to-bolster-privileged-access-a-29303
Okta makes AI identity play with Axiom acquisition

Aug 26, 2025 8:23 PM

Tags: access, ai, identity, okta, technology

Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629921/Okta-makes-AI-identity-play-with-Axiom-acquisition
Okta To Acquire Axiom For Privileged Access Management Expansion

Aug 26, 2025 6:23 PM

Tags: access, okta, startup

Okta is seeking to expand its privileged access management capabilities with the announcement Tuesday that it plans to acquire a startup in the space, Axiom Security. First seen on crn.com Jump to article: www.crn.com/news/security/2025/okta-to-acquire-axiom-for-privileged-access-management-expansion
AI at Work Report von Okta – KI im Unternehmen oft ohne Strategie und trotz Bedenken

Aug 20, 2025 4:55 PM

Tags: ai, okta, strategy

First seen on security-insider.de Jump to article: www.security-insider.de/effizienz-durch-ki-sicherheitsrisiken-und-datenschutz-herausforderungen-a-3a15e9a5346f7121083277d131120e48/
ASPM buyer’s guide: 7 products to help secure your applications

Aug 20, 2025 10:56 AM

Tags: access, ai, api, application-security, attack, business, ceo, cloud, compliance, container, crowdstrike, data, detection, endpoint, exploit, gartner, google, guide, iam, identity, infrastructure, ivanti, marketplace, microsoft, monitoring, okta, open-source, oracle, programming, risk, software, supply-chain, threat, tool, vulnerability, vulnerability-management

Protect the software development lifecycle (SDLC) and supply chain pipelinesAutomate software testingIntegrate with various applications to mitigate and remove various risksFeatures offered by ASPMs vary widely. As a result, tools can prove difficult to evaluate in terms of exactly what is being protected, what data and metadata is being collected to inform security judgments, and…
Okta open-sources catalog of Auth0 rules for threat detection

Aug 19, 2025 8:54 PM

Tags: detection, okta, open-source, threat

Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/okta-open-sources-catalog-of-auth0-rules-for-threat-detection/
AI adoption fuels problems for identity management

Aug 18, 2025 5:54 PM

Tags: ai, identity, okta

Okta research indicates the emergence and growth of novel security problems, connected with the spread of AI agents and non-human identities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629189/Okta-AI-adoption-fuels-problems-for-identity-management
AI adoption fuels problems for identity management

Aug 18, 2025 5:54 PM

Tags: ai, identity, okta

Okta research indicates the emergence and growth of novel security problems, connected with the spread of AI agents and non-human identities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629189/Okta-AI-adoption-fuels-problems-for-identity-management
Cyber criminals would prefer businesses don’t use Okta

Aug 6, 2025 9:12 PM

Tags: authentication, cyber, okta, phishing, threat

Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628482/Cyber-criminals-would-prefer-businesses-dont-use-Okta
PoisonSeed überlistet FIDO-Schlüssel

Jul 22, 2025 1:40 PM

Tags: authentication, ceo, crypto, cyberattack, encryption, fido, mfa, okta, password, phishing, qr, social-engineering, vulnerability

Cyberkriminelle nutzen die geräteübergreifende Anmeldeoption von FIDO aus, um eine von ihnen kontrollierte authentifizierte Sitzung zu erstellen.FIDO-Schlüssel verwenden eine hardwarebasierte Multi-Faktor-Authentifizierung, um Schwachstellen anderer MFA-Methoden zu beheben. Der berüchtigten Krypto-Hackergruppe PoisonSeed ist es jedoch offenbar gelungen, diese zusätzliche Sicherung zu umgehen. Forscher von Expel sind auf eine Angriffskampagne der Gruppe gestoßen, bei der FIDO mit…
Okta und Palo Alto Networks bündeln ihre Kräfte gegen Identitätsbedrohungen

Jul 16, 2025 9:40 AM

Tags: network, okta

Neue, integrierte Sicherheitslösungen schützen Unternehmen besser vor Angriffen auf digitale Identitäten durch automatisierte Reaktionen, sichere Zugriffskontrollen und weniger Sicherheitslücken First seen on infopoint-security.de Jump to article: www.infopoint-security.de/okta-und-palo-alto-networks-buendeln-ihre-kraefte-gegen-identitaetsbedrohungen/a41410/
Palo Alto Networks Extends Zero-Trust Alliance with Okta

Jul 15, 2025 4:40 PM

Tags: cybersecurity, network, okta, zero-trust

Palo Alto Networks today extended its alliance with Okta to provide deeper integrations to enable cybersecurity teams to restrict which applications can be accessed from a secure browser. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/palo-alto-networks-extends-zero-trust-alliance-with-okta/
Okta macht KI-Zugriffe sicherer- Cross App Access kontrolliert KI-Agenten

Jul 3, 2025 3:34 PM

Tags: access, ai, okta

Cross App Access steht ab dem dritten Quartal 2025 ausgewählten Okta Platform-Kunden zur Verfügung zunächst in Zusammenarbeit mit Partnern aus dem ISV-Bereich. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/okta-macht-ki-zugriffe-sicherer-cross-app-access-kontrolliert-ki-agenten/a41295/
Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

Jul 2, 2025 9:34 AM

Tags: ai, cybercrime, intelligence, login, okta, phishing, threat, tool

Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts.”This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts,”…
CISOs must rethink defense playbooks as cybercriminals move faster, smarter

Jul 1, 2025 10:34 AM

Tags: access, automation, breach, business, cisco, ciso, crowdstrike, cybercrime, cybersecurity, data, defense, finance, incident response, Intruder, okta, ransomware, siem, technology, threat

Threat actor containment: Increasingly ‘surgical’ and best with a plan: Even after an intruder has been identified, today’s rapid pace of adversary activity is also straining cybersecurity teams’ ability to contain intruders before they can cause damage.”If I’m a CISO, if I’m responsible for detecting and remediating that incident before it progresses to becoming a…
Why Are CISOs Prioritizing Snowflake Security? The Breach Playbook Has Changed.

Jun 26, 2025 6:36 PM

Tags: access, ai, attack, authentication, breach, ciso, credentials, data, defense, detection, exploit, finance, google, group, identity, insurance, intelligence, login, mandiant, monitoring, okta, risk, saas, social-engineering, theft, threat

In recent conversations with prospective customers, one request keeps rising to the top: “Can you monitor Snowflake?” At first, it felt like a coincidence. But over multiple engagements, that urgency isn’t random it reflects a deeper industry concern. Security leaders are increasingly prioritizing Snowflake as a high-risk, high-value SaaS application. And they’re right to. The…
Half of Customer Signups Are Now Fraudulent

Jun 25, 2025 11:35 AM

Tags: fraud, okta

Okta says over 46% of new customer registrations are bot-driven fraud attempts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/half-customer-signups-now/
Okta Introduces Access Control Protocol for AI Agent Interactions

Jun 24, 2025 10:35 PM

Tags: access, ai, control, okta

First seen on scworld.com Jump to article: www.scworld.com/brief/okta-introduces-access-control-protocol-for-ai-agent-interactions
Deutsche fordern Transparenz und Kontrolle bei KI-Agenten

Jun 24, 2025 2:36 PM

Tags: ai, gartner, identity, okta

Okta hat seinen jährlichen ‘Customer Identity Trends Report” veröffentlicht. Dieser enthüllt eine entscheidende Erkenntnis für Unternehmen, die KI-Agenten einsetzen: Vertrauen und Kontrolle sind für eine erfolgreiche Akzeptanz von entscheidender Bedeutung, insbesondere bei deutschen Verbrauchern. Trotz der zunehmenden Verbreitung von KI-Agenten in der EMEA-Region laut Gartner werden bis 2028 ein Drittel aller Interaktionen mit generativer […]…
Okta Introduces Cross App Access to Secure AI Agents in Enterprise

Jun 23, 2025 3:35 PM

Tags: access, ai, control, governance, intelligence, okta, tool

Okta Inc. on Monday said it has created a new protocol to secure artificial intelligence (AI) agents to bring visibility, control and governance to agent-driven and app-to-app interactions. The Cross App Access platform is especially important as more AI tools use protocols like Model Context Protocol (MCP) to connect their AI learning models to important..…
Integrating SCIM with Identity Providers: Your Complete Guide to Okta and Azure AD

Jun 17, 2025 2:54 PM

Tags: guide, identity, okta

Think about SCIM integration as part of your overall enterprise readiness strategy. It should work seamlessly with your SSO implementation, complement your security features, and integrate well with your customer onboarding process. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/integrating-scim-with-identity-providers-your-complete-guide-to-okta-and-azure-ad/
8 tips for mastering multicloud security

Jun 17, 2025 9:54 AM

Tags: access, attack, automation, business, ciso, cloud, compliance, conference, control, cybersecurity, data, detection, framework, google, governance, identity, intelligence, least-privilege, malware, microsoft, monitoring, okta, resilience, risk, service, siem, skills, software, strategy, technology, threat, tool, training, vulnerability

2. Create unified security governance: A unified security governance model should be established, spanning all cloud environments and supported by centralized identity management, visibility, automation, and policy enforcement, advises Nigel Gibbons, director and senior advisor at security services firm NCC Group.This approach, Gibbons says, minimizes complexity and silos by creating consistent security controls across cloud…
Salesforce, Okta Targeted by Telephone-Wielding Hackers

Jun 6, 2025 1:55 AM

Tags: attack, cloud, data, hacker, hacking, okta, phishing, scam, theft

Hackers Impersonate IT Support Staff. A hacking collective linked to recent British retailer attacks is targeting cloud companies through or voice phishing scams for data theft from European hospitality, retail and education sectors. Hackers impersonate IT support staff. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salesforce-okta-targeted-by-telephone-wielding-hackers-a-28604
Hackers Are Stealing Salesforce Data, Google Warns

Jun 5, 2025 6:54 PM

Tags: attack, authentication, breach, cloud, credentials, cyber, data, defense, detection, exploit, extortion, google, group, hacker, identity, intelligence, malware, microsoft, mitigation, monitoring, network, okta, saas, service, theft, threat, tool, update

By Christy Lynch This post summarizes the June 4, 2025 threat intelligence update from Google and offers additional recommendations from Reveal Security based on similar and recently observed attack patterns targeting SaaS applications and cloud infrastructure. Reveal Security monitors the overall cyber landscape for unique threats that can evade legacy detection methodologies. This UNC6040 campaign…
Hackers use Vishing to breach Salesforce customers and swipe data

Jun 4, 2025 4:55 PM

Tags: access, attack, authentication, best-practice, breach, cloud, data, extortion, group, hacker, least-privilege, malware, mfa, microsoft, monitoring, network, okta, service, social-engineering, tactics, threat, tool

Lateral movement for further extortion: After breaching Salesforce, the group moves laterally across cloud services, targeting tools like Okta, Microsoft 365, and Workplace to widen the scope of the breach.Researchers point out that, in some cases, extortion attempts have surfaced months after the initial intrusion, with the threat actors even claiming ties to the infamous…
Will AI agent-fueled attacks force CISOs to fast-track passwordless projects?

May 28, 2025 8:54 AM

Tags: access, ai, api, attack, authentication, breach, business, ciso, cloud, credentials, cyber, cybersecurity, data, fido, finance, framework, google, Hardware, identity, login, metric, microsoft, okta, passkey, password, phishing, privacy, risk, risk-management, service, technology, threat, tool, update, zero-trust

Passwordless options: In retiring passwords, security leaders will need to consider their options, passkeys, biometrics, and third-party login services, looking for the best technical, usability, and security fit. There are pros and cons for each option, and in many cases CISOs may be guided towards one based on their existing environment.Passkeys, used by Microsoft, Samsung,…
Samlify bug lets attackers bypass single sign-on

May 22, 2025 1:56 PM

Tags: access, authentication, data, flaw, identity, okta, saas, update

SAML authenticators should update to patched versions: The flaw has been addressed through patches in samlify versions 2.10.0 and later.Researchers have recommended that systems using SAML authentication must update to a fixed version and ensure “secure SSO flows: implement HTTPS and avoid untrusted sources for SAML flows.”SAML-powered SSO supports a range of use cases: enterprise…
Top 12 US cities for cybersecurity job and salary growth

May 22, 2025 11:55 AM

Tags: access, ai, apple, attack, blockchain, business, country, crowdstrike, cyber, cybersecurity, data, defense, finance, fintech, government, group, infrastructure, insurance, iot, jobs, metric, microsoft, nvidia, office, okta, privacy, software, startup, strategy, supply-chain, technology, training, warfare

While major hubs like San Francisco naturally come to mind, and perform well based on the metrics we evaluated, there are many lesser-known cities that may be just as promising, if not more. These emerging destinations can offer easier access to job opportunities, more sustainable career paths, higher pay, and a lower cost of living.Here’s…