Cybercriminal gangs are advising victims to avoid using Okta authentication services, indicative of the technology's robustness. Okta's identity management systems are often targeted by threat actors aiming to breach organizational defenses. The gang Scattered Spider notably exploited Okta services during 2023 cyber attacks on Las Vegas casinos. The FastPass feature in Okta's Verify service offers passwordless authentication methods such as biometrics. Cybercriminals are evolving their tactics, utilizing phishing attacks via trusted communication platforms like Slack to manipulate targets into bypassing security measures.
This unusual instruction, delivered to targets of a recent social engineering campaign observed by Okta Threat Intelligence, offers a look into how cyber criminals are evolving their tactics in response to higher adoption of advanced, high-assurance sign-in methods.
During the observed phishing attacks, attackers ... tried to convince targeted users to evade security measures the company had in place. The campaign abused trusted instant messaging communications channels - in this case, Slack - to deliver lures to targeted users.
Cyber criminal gangs are telling their targets to stop authenticating using Okta services, which highlights the escalating tactics of cyber criminals in undermining security measures.
FastPass is a feature in Okta's Verify service that offers passwordless authentication - such as biometrics or device-based security - to access secured resources.
Collection
[
|
...
]