The cybersecurity landscape is structured like Swiss cheese - fragmented and full of vulnerabilities. This complex, ever-evolving environment requires a multifaceted approach to address gaps and a specific focus on data security and identity protection, said Maxine Holt, senior director at Omdia.
Okta has paused product development and internal projects for 90 days to beef up its security architecture and operations for applications, hardware and third-party vendors. Okta will move to strengthen its cyber posture, including a security action plan and engaging with third-party cyber firms.
Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.
In today's complex cloud environments, gaining visibility and control over all assets is a critical challenge. Shadow cloud assets, often overlooked by security teams, pose a significant risk as they remain exposed to the internet, providing easy targets for attackers. Cloud Discovery and Exposure Management (CDEM)...
Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
Stolen and compromised credentials continue to be the crux of major health data security incidents involving cloud environments. But stronger credential management practices and a focused approach to "least privilege engineering" would help, said Taylor Lehmann of Google Cloud.
Social media single sign-on standard OAuth has an implementation weakness that hackers could exploit to obtain unauthorized access, say researchers. "We expect that 1,000s of other websites are vulnerable to the attack," wrote Salt Security, "putting billions of additional internet users at risk."
Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
A breach of Okta's support case management system using a stolen credential allowed attackers to access sensitive files uploaded by the identity security giant's customers. San Francisco-based Okta said the threat actor could view filed uploaded by certain customers as part of recent support cases.
Deployment processes for cloud environments and on-premises infrastructures may look similar, but it’s often too easy to overlook the differences.
Security blind spots are misconfigurations that even skilled administrators frequently fail to see, such as IAM configuration drift across a multi-cloud environment. To...
Hotel and casino giant MGM Resorts says the recent hack attack against it cost $110 million in lost revenue and mitigation expenses. The publicly traded company expects to recoup losses and costs to date via cyber insurance. MGM Resorts says that its investigation remains ongoing.
Okta bought a password manager founded by a former Google engineer and backed by Andreessen Horowitz to get a foothold in the consumer identity market. Okta was impressed by Uno's experience in building consumer-first, design-focused and easy-to-use password management and personal identity tools.
Palo Alto Networks remains a leader in Forrester's zero trust platform rankings while Microsoft and Check Point entered the leaders category for the first time. Vendors in the zero trust platform space ditched point products and pursued organic investments or M&A to create a broader offering.
Microsoft updated Windows 11 on Tuesday to simplify passwordless adoption, protect against malicious code and have the ability to refresh configuration in the event of tampering. Updates to Windows 11 allow users to replace passwords with passkeys to stop hackers from exploiting stolen passwords.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.