Okta

Okta is an enterprise-grade, identity management service that connects any person with any application on any device. It’s built for the cloud, but is also compatible with many on-premises applications. With Okta, IT can manage any employee’s access to any application or device. Okta runs in the cloud, on a secure, reliable, extensively audited platform, which integrates deeply with on-premises applications, directories, and identity management systems. Okta features include Provisioning, Single Sign-On (SSO), Active Directory (AD) and LDAP integration, the centralized deprovisioning of users, multifactor authentication (MFA), mobile identity management, and flexible policies for organization security and control. All of these functions are brought together through a network of pre-integrated applications called the Okta Integration Network (OIN). The OIN provides diverse integration options, enabling SSO login for every app your users need to access during their work day. In summary, Okta is a customizable, secure, and drop-in solution to add authentication and authorization services to your applications. It provides scalable authentication built right into your application without the development overhead, security risks, and maintenance that come from building it yourself.


Cyber News related to Okta

CVE-2024-9875 - Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo command bundles feature is enabled. To remediate this vulnerability, upgrade the Okta Privileged Access server ...
1 month ago Tenable.com
CVE-2024-9191 - The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The ...
1 month ago
CVE-2024-1900 - Improper session management in the identity provider authentication flow in Devolutions Server 2023.3.14.0 and earlier allows an authenticated user via an identity provider to stay authenticated after his user is disabled or deleted in the identity ...
1 month ago
CVE-2024-10327 - A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a ...
1 month ago Tenable.com
The Secret Weakness Execs Are Overlooking: Non-Human Identities - By shifting our focus to secrets security and adopting a comprehensive approach that includes robust detection, automated remediation, and integration with identity systems, organizations can significantly reduce their attack surface and bolster ...
2 months ago Thehackernews.com
Three Ways to Chill Attacks on Snowflake - More than a month after a spate of data theft of Snowflake environments, the full scope of the incident has become more clear: at least 165 likely victims, more than 500 stolen credentials, and suspicious activity connected to known malware from ...
5 months ago Darkreading.com
Okta warns of credential stuffing attacks targeting its CORS feature - Okta warns that a Customer Identity Cloud feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. Okta is a leading identity and access management company providing cloud-based ...
6 months ago Bleepingcomputer.com
New Endpoint Protection Platform by Cigent Blocks Ransomware at the Data Level - A new endpoint data protection platform from Cigent Technology refocuses ransomware prevention onto protecting customer data from both encryption and exfiltration. With no loss of data, criminal extortion is prevented. The common approach today is to ...
6 months ago Securityweek.com
Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam - There's a major rumble brewing in the Security Information and Event Management landscape with Thoma Bravo-owned LogRhythm announcing plans to merge with rival Exabeam. Financial terms of the planned merger were not released but the price tag is ...
7 months ago Securityweek.com
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs - Scattered Spider hackers have been tearing through the finance and insurance sectors, all while authorities are preparing legal actions to stop them. A game of cops and robbers is playing out between the FBI and Scattered Spider, the cybercrime ...
7 months ago Darkreading.com
Why Tokens Are Like Gold for Opportunistic Threat Actors - COMMENTARY. Authentication tokens aren't actual physical tokens, of course. Authentication tokens are an important part of cybersecurity. Which means that anyone with a token has a gold key to corporate systems - without requiring a multifactor ...
7 months ago Darkreading.com
Russian hackers hijack Ukrainian TV to broadcast Victory Day parade - Russia-aligned hackers hijacked several Ukrainian television channels on Thursday to broadcast a Victory Day parade in Moscow, commemorating the defeat of Nazi Germany in World War II. According to the Ukrainian agency responsible for television and ...
7 months ago Therecord.media
AuditBoard enhances InfoSec Solutions to reduce compliance fatigue across the organization - AuditBoard announced powerful enhancements for its InfoSec Solutions to help organizations meet their IT compliance, cyber risk, and vendor risk management needs in the face of rising risks and increased regulatory requirements. With these new ...
7 months ago Helpnetsecurity.com
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days - Strategies for secure identity management in hybrid environmentsIn this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. Leveraging AI for ...
8 months ago Helpnetsecurity.com
CVE-2024-0980 - The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code. ...
8 months ago
CVE-2024-29772 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stormhill Media MyBookTable Bookstore allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through 3.3.7. ...
8 months ago
Productiv launches Sidekick, an AI-powered assistant for smarter SaaS management - Join leaders in Boston on March 27 for an exclusive night of networking, insights, and conversation. Productiv, a leading SaaS management platform, has announced the launch of Sidekick, an AI-powered chatbot designed to revolutionize how IT leaders ...
9 months ago Venturebeat.com
IT helpdeskers increasingly targeted by cybercriminals The Register - It's not a novel phenomenon, nor is it being carried out in a very sophisticated way, Red Canary's latest threat report notes, yet the trend is growing and miscreants are seeing greater rates of success. Keen infosec watchers will remember last year ...
9 months ago Theregister.com
IT helpdeskers increasingly targeted by cybercriminals The Register - It's not a novel phenomenon, nor is it being carried out in a very sophisticated way, Red Canary's latest threat report notes, yet the trend is growing and miscreants are seeing greater rates of success. Keen infosec watchers will remember last year ...
9 months ago Go.theregister.com
Acer confirms Philippines employee data leaked on hacking forum - Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company's employee attendance data after a threat actor leaked the data on a hacking forum. Acer is a Taiwanese maker of computer hardware ...
9 months ago Bleepingcomputer.com
Okta says data leaked on hacking forum not from its systems - Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single ...
9 months ago Bleepingcomputer.com
OneLogin vs. Okta: Which IAM Solution Is Better? - OneLogin and Okta are two industry-leading identity and access management platforms used to secure user access to corporate resources and manage information about user identity. OneLogin and Okta are enterprise-grade IAM platforms offering security ...
9 months ago Techrepublic.com
VMware urges admins to remove deprecated, vulnerable auth plug-in - VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. The vulnerable VMware Enhanced ...
10 months ago Bleepingcomputer.com
Action1 platform update improves patching workflows - Action1 announced its latest release and the introduction of a new guiding concept for its business. The latest feature update contains multiple enhancements to the Action1 platform, empowering customers to bring their patching efforts 'down to ...
10 months ago Helpnetsecurity.com
Blocking Compromised Tokens with Wallarm - In our Annual API ThreatStats report, we highlighted the increasing threat of API Leaks. An API Leak is the disclosure of sensitive API information, such as a token, credential, or private schema. These leaks can occur directly via the API itself, ...
10 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)