Okta has a standard process that can be abused for nefarious purposes. The legitimate method for changing credential details within Okta (for example, if a person gets married and changes her last name and adopts a new email address) can be misused by an attacker to impersonate another existing user.
Cybersecurity Funding·Identity & Access
Okta Impersonation Technique Could be Utilized by Attackers
Okta has a standard process that can be abused for nefarious purposes. The legitimate method for changing credential details within Okta (for example, if a person gets married and changes her last name and adopts a new email address) can be misused by an attacker to impersonate another existing user. The post Okta Impersonation Technique Could be Utilized by Attackers appeared first on SecurityWeek.
Latest News
- TrueConf Zero-Day Exploited in Asian Government Attacks
- In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
- Critical ShareFile Flaws Lead to Unauthenticated RCE
- Mobile Attack Surface Expands as Enterprises Lose Control
- React2Shell Exploited in Large-Scale Credential Harvesting Campaign
- T-Mobile Sets the Record Straight on Latest Data Breach Filing
- North Korean Hackers Drain $285 Million From Drift in 10 Seconds
- Critical Vulnerability in Claude Code Emerges Days After Source Leak
Publisher