all InfoSec news
Week in Brief - Okta Breach, Brave's Stealthy VPN, Weak Admin Passwords an More
Oct. 22, 2023, 5:06 p.m. | /u/mandos_io
cybersecurity www.reddit.com
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- **Credential Abuse and Data Exposure**: Hackers exploited a stolen credential to access Okta's support case management system. They viewed HAR (HTTP Archive) files containing sensitive cookies and session tokens. These tokens could be used for impersonation attacks, posing a significant risk to Okta's client base.
- **Third-Party Impact and Containment**: Cloudflare detected unauthorized access to their Okta instance, originating from a compromised token at Okta. They used their Zero …
abuse access archive attacks base case case management client cloudflare containment cookies credential credential abuse cybersecurity data data exposure exploited exposure files hackers http http archive impact impersonation impersonation attacks instance management okta party risk sensitive session stolen support system third third-party tokens unauthorized access
More from www.reddit.com / cybersecurity
Creating a breach search website?
12 hours ago |
www.reddit.com
Is it normal to see your tools lie?
14 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Application Security Engineer - Remote Friendly
@ Unit21 | San Francisco,CA; New York City; Remote USA;
Cloud Security Specialist
@ AppsFlyer | Herzliya
Malware Analysis Engineer - Canberra, Australia
@ Apple | Canberra, Australian Capital Territory, Australia
Product CISO
@ Fortinet | Sunnyvale, CA, United States
Manager, Security Engineering
@ Thrive | United States - Remote