Okta Archives • Daily CyberSecurity

Sophisticated Okta SSO Phishing Bypasses Defenses to Steal Session Tokens With Salary Review Lures UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

UAT-8099 BadIIS Malware Pacific Islands Forum Cyberattack

Sophisticated Okta SSO Phishing Bypasses Defenses to Steal Session Tokens With Salary Review Lures

Do Son December 12, 2025

Just as employees begin anticipating their year-end performance reviews, a sophisticated new phishing campaign has emerged, turning...

Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA VoidProxy Phishing

Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA

Do Son September 12, 2025

Okta Threat Intelligence has published a detailed analysis of VoidProxy, a previously unreported Phishing-as-a-Service (PhaaS) platform that...

A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry the phishing page prompts for OTP codes sent via SMS

A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry

Do Son September 2, 2025

Okta Threat Intelligence is sounding the alarm over a large-scale phishing campaign that has been actively impersonating...

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

Salesforce Gainsight Breach AppExchange Security Vishing, Salesforce Attack UNC6040

UNC6040 Threat Actor Exploits Salesforce via Vishing and Malicious Data Loader Apps

Do Son June 6, 2025

Google Threat Intelligence Group (GTIG) has sounded the alarm on UNC6040, a financially motivated threat cluster waging...

North Korean Operatives Use GenAI to Infiltrate Global Tech Jobs, Okta Warns North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Operatives Use GenAI to Infiltrate Global Tech Jobs, Okta Warns

Do Son April 25, 2025

A recent report by Okta Threat Intelligence has shed light on the alarming ways that North Korean...

Okta Discloses Authentication Vulnerability in AD/LDAP DelAuth, Urges Customer Review Okta Authentication Vulnerability

Okta Discloses Authentication Vulnerability in AD/LDAP DelAuth, Urges Customer Review

Do Son November 2, 2024

On October 30, 2024, Okta announced a critical security advisory addressing a vulnerability in its AD/LDAP Delegated...

Okta Patches Vulnerability Allowing Unauthorized Access Okta Vulnerability

Okta Patches Vulnerability Allowing Unauthorized Access

Do Son October 4, 2024

Identity and access management giant, Okta, recently addressed a vulnerability that could have allowed malicious actors with...

Okta Patches Cross-Site Scripting Flaw (CVE-2024-0981) in Browser Plugin

Do Son July 22, 2024

Okta, a leading identity and access management provider, has recently patched a high-severity cross-site scripting (XSS) vulnerability...

New Cybercrime Wave: UNC3944 Exploits SaaS Vulnerabilities UNC3944

New Cybercrime Wave: UNC3944 Exploits SaaS Vulnerabilities

Do Son June 16, 2024

Mandiant, a renowned cybersecurity firm, has issued a warning about the evolving tactics of the financially motivated...

Data Breach at Okta Affects All Customer Support Users: Company Updates Scope Okta Data Breach - TopSec cybersecurity firm

Data Breach at Okta Affects All Customer Support Users: Company Updates Scope

Do Son November 29, 2023

In an unsettling revelation that underscores the relentless threats in the digital world, Okta, a renowned identity...

September Cyberattack Leaks Okta Employees’ Sensitive Data Okta Cyberattack

September Cyberattack Leaks Okta Employees’ Sensitive Data

Do Son November 3, 2023

Nearly 5,000 individuals, encompassing current and former employees of Okta and their families, have been thrust into...

Okta’s Security Breach Puts Businesses on Alert Okta Security Breach

Okta’s Security Breach Puts Businesses on Alert

Do Son October 21, 2023

Okta, a purveyor of identity tools such as multifactor authentication and single sign-on for countless enterprises, grappled...

Critical Alert 1 Active Exploit Detected Today