Tag: okta

Palo Alto closes privileged access gap with $25B CyberArk acquisition

Feb 12, 2026 1:58 PM

Tags: access, ai, cloud, control, detection, endpoint, governance, identity, intelligence, microsoft, network, okta, risk, threat, zero-trust

Customer impact and integration risks: While Palo Alto is integrating CyberArk’s capabilities into its security ecosystem, the company will continue to offer CyberArk’s identity security solutions as a standalone platform.This signals continuity and roadmap stability for existing customers in the near term. “Standalone CyberArk availability is expected to continue, now backed by Palo Alto’s global…
How to Prevent Vishing Attacks Targeting Okta and other IDPs

Feb 11, 2026 10:58 PM

Tags: access, attack, authentication, email, identity, mfa, okta, phishing

<div cla Vishing as the Front Door to MFA Bypass Threat reporting tied to ShinyHunters and Scattered Spider-linked activity shows voice phishing (vishing) being operationalized as a coordinated access vector against enterprise identity systems. Rather than relying solely on email-based phishing, attackers now call employees directly, impersonating IT support, security teams, or identity administrators. These…
How to Prevent Vishing Attacks Targeting Okta and other IDPs

Feb 11, 2026 10:58 PM

Tags: access, attack, authentication, email, identity, mfa, okta, phishing

<div cla Vishing as the Front Door to MFA Bypass Threat reporting tied to ShinyHunters and Scattered Spider-linked activity shows voice phishing (vishing) being operationalized as a coordinated access vector against enterprise identity systems. Rather than relying solely on email-based phishing, attackers now call employees directly, impersonating IT support, security teams, or identity administrators. These…
Semperis Buys MightyID to Expand Identity Security

Feb 4, 2026 11:14 PM

Tags: backup, ceo, cyber, identity, okta, resilience, strategy

Acquisition Adds Okta and Ping Coverage to Semperis’ Identity Security Platform. Semperis has acquired MightyID to extend its identity-first security and cyber resilience strategy beyond Active Directory and Entra ID into Okta and Ping. CEO Mickey Bresman says the deal addresses customer demand for multi-identity provider protection backup recovery and migration. First seen on govinfosecurity.com…
ShinyHunters escalates tactics in extortion campaign linked to Okta environments

Feb 2, 2026 7:13 PM

Tags: access, extortion, okta, social-engineering, tactics

Researchers are tracking multiple clusters that are using social engineering to gain access to victims. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shinyhunters-tactics-extortion-okta-environ/811112/
ShinyHunters escalates tactics in extortion campaign linked to Okta environments

Feb 2, 2026 7:13 PM

Tags: access, extortion, okta, social-engineering, tactics

Researchers are tracking multiple clusters that are using social engineering to gain access to victims. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shinyhunters-tactics-extortion-okta-environ/811112/
ShinyHunters escalates tactics in extortion campaign linked to Okta environments

Feb 2, 2026 7:13 PM

Tags: access, extortion, okta, social-engineering, tactics

Researchers are tracking multiple clusters that are using social engineering to gain access to victims. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shinyhunters-tactics-extortion-okta-environ/811112/
AI Compliance Tools: What to Look For FireTail Blog

Jan 30, 2026 8:42 PM

Tags: ai, antivirus, api, attack, automation, backdoor, business, cloud, compliance, control, credit-card, data, defense, email, finance, framework, GDPR, governance, grc, guide, identity, injection, intelligence, jobs, LLM, login, malicious, mitre, network, nist, okta, remote-code-execution, risk, risk-management, siem, software, threat, tool, training, unauthorized, vulnerability

Jan 30, 2026 – Alan Fagan – Quick Facts: AI Compliance ToolsManual tracking often falls short: Spreadsheets cannot track the millions of API calls and prompts generated by modern AI systems.Real-time is required: The best AI compliance tools monitor live traffic, not just static policy documents.Framework mapping matters: Firetail automatically maps activity to the OWASP…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
Social Engineering Hackers Target Okta Single Sign On

Jan 28, 2026 8:22 PM

Tags: authentication, cloud, corporate, data, hacker, mfa, okta, phishing, social-engineering

ShinyHunters Campaign Uses Voice Phishing to Bypass MFA and Steal Corporate Data. Security experts warn that an active and ongoing campaign being waged by ShinyHunters extortionists has at least 150 organizations in its sights across a range of sectors, with attackers using live voice phishing to bypass multifactor authentication, steal cloud data and hold it…
ShinyHunters Group Targets Over 100 Enterprises, Including Canva, Atlassian, and Epic Games

Jan 27, 2026 4:21 PM

Tags: cyber, group, identity, infrastructure, okta, phishing, tactics, theft, threat

A surge in infrastructure deployment that mirrors the tactics of SLSH, a predatory alliance uniting three major threat actors: Scattered Spider, LAPSUS$, and ShinyHunters. A sophisticated identity-theft campaign has emerged, targeting Single Sign-On (SSO) platforms particularly Okta across more than 100 high-value enterprises. Unlike automated phishing campaigns, this operation is human-led. It relies on voice…
Phishing-Kits imitieren vermehrt Telefongespräche

Jan 27, 2026 3:21 PM

Tags: cyberattack, google, okta, phishing, social-engineering, threat

Digitale Angriffe verlagern sich zunehmend weg von simplen Massenmails hin zu gezielten, telefonbasierten Betrugsversuchen. Parallel dazu haben sich auch die Werkzeuge der Angreifer verändert: Moderne Phishing-Kits sind heute so ausgelegt, dass sie die speziellen Anforderungen sprachbasierter Social-Engineering-Angriffe in Vishing-Kampagnen unterstützen. Das ergaben jüngste Untersuchungen von Okta-Threat-Intelligence. Immer häufiger werden solche Kits gegen Konten bei Google,…
Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Jan 27, 2026 12:20 AM

Tags: identity, okta, theft

Atlassian, RingCentral, ZoomInfo also among tech targets First seen on theregister.com Jump to article: www.theregister.com/2026/01/26/shinyhunters_okta_sso_campaign/
Cybercrime group claims credit for voice phishing attacks

Jan 26, 2026 6:21 PM

Tags: attack, cybercrime, group, okta, phishing, social-engineering

Security researchers at Okta previously disclosed a social engineering campaign involving custom phishing kits. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybercrime-group-voice-phishing-attacks-Okta/810493/
6 Okta security settings you might have overlooked

Jan 26, 2026 5:21 PM

Tags: identity, okta, saas

Okta misconfigurations can quietly weaken identity security as SaaS environments evolve. Nudge Security shows six Okta security settings teams often overlook and how to fix them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/6-okta-security-settings-you-might-have-overlooked/
Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA

Jan 26, 2026 3:21 PM

Tags: attack, credentials, login, mfa, okta, phishing, threat

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/okta-flags-vishing-attacks-which/
Okta Flags Customised, Reactive Vishing Attacks Which Bypass MFA

Jan 26, 2026 2:21 PM

Tags: attack, credentials, login, mfa, okta, phishing, threat

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/okta-flags-vishing-attacks-which/
ShinyHunters claim hacks of Okta, Microsoft SSO accounts for data theft

Jan 25, 2026 5:31 AM

Tags: attack, breach, corporate, data, extortion, google, microsoft, okta, phishing, saas, theft, threat

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-claim-to-be-behind-sso-account-data-theft-attacks/
ShinyHunters claim to be behind SSO-account data theft attacks

Jan 24, 2026 1:30 AM

Tags: attack, breach, corporate, data, extortion, google, microsoft, okta, phishing, saas, theft, threat

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-claim-to-be-behind-sso-account-data-theft-attacks/
Voice Phishing Okta Customers: ShinyHunters Claims Credit

Jan 23, 2026 10:30 PM

Tags: attack, authentication, ciso, malicious, okta, phishing, service

Okta Alerts Customers’ CISOs to Malicious Campaigns Seeking Single Sign-On Access. A surge in attacks that bypass some types of multifactor authentication has been tied to a new generation of voice-phishing toolkits that give attackers the ability to orchestrate what a target sees in their browser, warns a new report from Okta, which is among…
ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs

Jan 23, 2026 8:30 PM

Tags: breach, data, leak, okta

‘A lot more’ victims to come, we’re told First seen on theregister.com Jump to article: www.theregister.com/2026/01/23/shinyhunters_claims_okta_customer_breaches/
Okta Uncovers Custom Phishing Kits Built for Vishing Callers

Jan 23, 2026 4:34 PM

Tags: credentials, mfa, okta, phishing, phone

They can intercept user credentials while providing real-time context that helps attackers convince victims to approve MFA challenges during phone calls.. The post Okta Uncovers Custom Phishing Kits Built for Vishing Callers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-phishing-kits-vishing-callers/
Okta Uncovers Custom Phishing Kits Built for Vishing Callers

Jan 23, 2026 4:34 PM

Tags: credentials, mfa, okta, phishing, phone

They can intercept user credentials while providing real-time context that helps attackers convince victims to approve MFA challenges during phone calls.. The post Okta Uncovers Custom Phishing Kits Built for Vishing Callers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-phishing-kits-vishing-callers/
Okta users under attack: Modern phishing kits are turbocharging vishing attacks

Jan 23, 2026 2:30 PM

Tags: attack, credentials, login, okta, phishing, threat

Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/23/okta-vishing-adaptable-phishing-kits/
Okta SSO accounts targeted in vishing-based data theft attacks

Jan 22, 2026 11:30 PM

Tags: attack, credentials, data, okta, phishing, social-engineering, theft

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/okta-sso-accounts-targeted-in-vishing-based-data-theft-attacks/
Secure web browsers for the enterprise compared: How to pick the right one

Jan 20, 2026 9:13 AM

Tags: access, ai, android, api, attack, browser, business, chrome, cloud, computer, control, corporate, data, encryption, endpoint, fortinet, gartner, google, guide, identity, linux, login, malicious, malware, mfa, mobile, monitoring, network, okta, phishing, saas, service, siem, software, technology, threat, tool, training, vpn, windows, zero-trust

Enable MFA at the beginning of any browser session by default.Handle isolation controls both with respect to the user’s session and to isolate any application from cross-infection. This means controlling the movement of data between the browser, your particular endpoint and the web application or applications involved.Control access to web destinations, either to allow or…
CrowdStrike to acquire SGNL for $740M, expanding real-time identity security

Jan 9, 2026 2:01 PM

Tags: access, authentication, ciso, control, crowdstrike, cybersecurity, data, detection, endpoint, google, iam, identity, network, okta, risk, software, update, windows

Market consolidation accelerates: The $740 million price reflects broader consolidation as cybersecurity vendors race to expand identity capabilities. The deal marks the latest in a wave of identity security acquisitions as platform vendors expand beyond core products. Liu compared the move to Palo Alto Networks’ acquisition of CyberArk in 2025, noting both vendors are racing…
CrowdStrike to acquire SGNL for $740M, expanding real-time identity security

Jan 9, 2026 2:01 PM

Tags: access, authentication, ciso, control, crowdstrike, cybersecurity, data, detection, endpoint, google, iam, identity, network, okta, risk, software, update, windows

Market consolidation accelerates: The $740 million price reflects broader consolidation as cybersecurity vendors race to expand identity capabilities. The deal marks the latest in a wave of identity security acquisitions as platform vendors expand beyond core products. Liu compared the move to Palo Alto Networks’ acquisition of CyberArk in 2025, noting both vendors are racing…
Agentic AI already hinting at cybersecurity’s pending identity crisis

Dec 23, 2025 9:19 AM

Tags: access, ai, api, attack, authentication, breach, business, ceo, cisco, ciso, cyber, cybersecurity, data, defense, framework, identity, least-privilege, malicious, okta, risk, strategy, supply-chain, switch, threat, tool, update

Agentic AI’s identity crisis: Authentication and agentic experts interviewed, three of whom estimate that less than 5% of enterprises experimenting with autonomous agents have deployed agentic identity systems, say the reasons for this lack of security hardening are varied.First, many of these efforts are effectively shadow IT, where a line of business (LOB) executive has…