The Dilemma of Attacking Okta, Red Team Operations

Introduction An ominous login page, mysterious isn’t it? This page is seen by hundreds of employees/customers of companies like Discord, Microsoft, Paypal, GoDaddy, Roblox, etc. This is an Okta login page, successfully authenticating yourself with one of these will usually redirect you to a companies internal services, such as: Jira, Confluence, Metrics systems, the whole shebang! Okta? Okta is “an American identity and access management company” that allows companies to easily manage and c

The LAPSUS$ Supply Chain Attack: Third-Party Playbooks and

Customer Spotlight: Identity Under Attack

Okta's Investigation of the January 2022 Compromise

Game of Thrones in cybersecurity: data gravity, industry

Decoding the (Broken) Modern Identity Stack

The LAPSUS$ Supply Chain Attack: Third-Party Playbooks and

Phishing with SAML and SSO Providers – Jordan Potti – Security Things

Lapsus$ Attack on OKTA – Analysis and Recommendations - CYE

All about the phishing campaign that compromised over 130

Okta: Hackers target IT help desks to gain Super Admin, disable MFA

News Archives - Page 5 of 324 - Phoenix Technology Solutions

Okta for Red Teamers - XPN InfoSec Blog