Seasoned full-stack entrepreneur in B2B SaaS. Multiple startups, and multiple successful exits.
I’m impressed (as I usually am) with 1Password. This is the way to discuss a hacking attempt. While others hide breach information, 1Password is out front and sharing what happened so that the security community understands how to protect other companies. Okta had the breach, but 1Password is trying to mitigate this incident for others. That’s the way to lead by example.
There are a lot of big names affected by the Okta incident. 1Password is just the latest. Having technical controls/tools in place to detect suspicious activity is key to knowing early. #vciso #ciso #cybersecurity #breach #incident #okta #1Password #infosec https://lnkd.in/esa2RJQS
Security Engineer @ Adobe · C|CT CBROPS · Follow for cybersecurity news and insights
🔒When Okta's Support Gets "Support" From Hackers🔒 In a plot twist worthy of a Hollywood script, Okta, the keeper of keys to many a digital kingdom, found its own customer support system infiltrated by hackers. The invaders, armed with valid credentials (🤔), browsed through customer files related to recent support cases. What did they get their hands on? HTTP Archive (HAR) files! These little gems can hold sensitive data like cookies and session tokens. It's like stealing the recipe to grandma’s cookies—only way less endearing and far more dangerous. The real kicker? BeyondTrust, a security firm, flagged suspicious activity to Okta weeks before the breach was acknowledged. They were essentially the night watchmen yelling "Iceberg, right ahead!" on the Titanic. But, it seems, the ship sailed a bit too close to the ice, despite having time to change course. So, the next time you share a HAR file with support, remember: it's not just cookies, it's your digital DNA. 🧬 For those keeping score at home, this isn't Okta's first rodeo. In March 2022, images circulated showing that hackers had gained access to an Okta admin panel. And in December 2022, Okta source code got nabbed from a GitHub account. The more things change, the more they stay the same, huh? For more jaw-dropping details, here's the full article: https://lnkd.in/d2X--JzC #Okta #BeyondTrust #Cybersecurity #OopsTheyDidItAgain
In many organizations, the crown jewels of data may have breadcrumbs leading to them from other systems. It will be interesting to see if we find out how this plays out. Can the threat actors leverage support data to get to a higher level of sensitive data? #cyber #cybersecurity #infosec #informationsecurity #ciso https://lnkd.in/gSw67f39
Okta's support organization was breached. This led to an attack on our and other Okta customers infrastructure. While we immediately detected and prevented the attack, with no exposure to customers, we have shared a blog with as many details as we can in hopes of educating other Okta users on securing their own environments. Also, for BeyondTrust customers leveraging our Identity Security Insights solution, we have outlined the various Detections and Recommendations that would have triggered/hardened you against this attack. We also refer to a previous Okta security focused blog from our research team with even more details on securing Okta environments. https://lnkd.in/guKdaenn
Identity Security Insights is just getting started but is already proving its worth. Check out the blog post below to learn more about the Okta breach.
Okta's support organization was breached. This led to an attack on our and other Okta customers infrastructure. While we immediately detected and prevented the attack, with no exposure to customers, we have shared a blog with as many details as we can in hopes of educating other Okta users on securing their own environments. Also, for BeyondTrust customers leveraging our Identity Security Insights solution, we have outlined the various Detections and Recommendations that would have triggered/hardened you against this attack. We also refer to a previous Okta security focused blog from our research team with even more details on securing Okta environments. https://lnkd.in/guKdaenn
Building stuff that works, and fixing stuff that doesn't. Providing technology resources to enable people and Agile teams to be successful and the business to drive revenue. Proven IT leader for rapidly growing startups.
See the article linked below for IOCs related to Okta Support breach.
Okta's support organization was breached. This led to an attack on our and other Okta customers infrastructure. While we immediately detected and prevented the attack, with no exposure to customers, we have shared a blog with as many details as we can in hopes of educating other Okta users on securing their own environments. Also, for BeyondTrust customers leveraging our Identity Security Insights solution, we have outlined the various Detections and Recommendations that would have triggered/hardened you against this attack. We also refer to a previous Okta security focused blog from our research team with even more details on securing Okta environments. https://lnkd.in/guKdaenn
Okta, Inc. is an identity and access management company (a Zero-trust enabler) with revenue of $1.8B. "The fault lies with the security people who designed the support system that was breached, specifically the way the breached service account was configured. Service accounts are mostly reserved for automating machine-to-machine functions, such as performing data backups or antivirus scans every night at a particular time. [This is] why MFA wasn’t set up on the account. [They could have] put a limit or conditions on the IP addresses that can connect or regularly rotate access tokens used to authenticate to service accounts." The credential for the service account were obtained by breaching a personal device/gmail account where they were stored. #Okta #Cybersecurity #IAM #configurationmanagement #humanerror https://lnkd.in/gv636BFj
IAM|Cloud IAM|Modern Authentications|Azure IAM|AWS IAM|AWS IAM|MFA|Federation|B2B|B2C|Passwordless|Identity Lifecycle|PAM|Identity Governance|PBAC|SCIM|SecDevOPS|NAC
Heads up, everyone! Before uploading any logs to a vendor, always exercise caution even if an NDA is in place. Recent events have shown that cyber attacks can happen to any organization at any level. Check out this article from TechCrunch to learn about the recent data breach at Okta, where hackers stole customer access tokens from their support unit. Stay vigilant and protect your organization's data! #cybersecurity #datasecurity #technews #cybersecurityawareness #cyberawareness #identityandaccessmanagement
How did the Okta Support breach impact 1Password?: 1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system. The password management and security application 1Password announced it had detected suspicious activity on its Okta instance on September 29, but excluded that user data was exposed. The activity is linked to the recent attack on the Okta […] The post How did the Okta Support breach impact 1Password? appeared first on Security Affairs.
Do you work in information security, or anything even remotely adjacent to it? You should probably assume that if you have access to anything valuable that you're a potential target. Nothing has more value than access. Okta Breach Tied to Worker's Personal Google Account (https://lnkd.in/ecDB7BwB) #fraud #fraudmanagement #okta #breach #security #informationsecurity #oops
