all InfoSec news
Okta breach post mortem reveals weaknesses exploited by attackers
Help Net Security www.helpnetsecurity.com
The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account,” David Bradbury, Chief … More
The post …
1password account account hijacking attackers beyondtrust breach browser cases chrome cloudflare compromised customer customer support don't miss employee exploited google hot stuff incident response investigation okta okta breach permissions personal post mortem profile security service support system update weaknesses