CyberSecurityBoard
Sponsor Register Login

Okta

Okta is an enterprise-grade, identity management service that connects any person with any application on any device. It’s built for the cloud, but is also compatible with many on-premises applications. With Okta, IT can manage any employee’s access to any application or device. Okta runs in the cloud, on a secure, reliable, extensively audited platform, which integrates deeply with on-premises applications, directories, and identity management systems. Okta features include Provisioning, Single Sign-On (SSO), Active Directory (AD) and LDAP integration, the centralized deprovisioning of users, multifactor authentication (MFA), mobile identity management, and flexible policies for organization security and control. All of these functions are brought together through a network of pre-integrated applications called the Okta Integration Network (OIN). The OIN provides diverse integration options, enabling SSO login for every app your users need to access during their work day. In summary, Okta is a customizable, secure, and drop-in solution to add authentication and authorization services to your applications. It provides scalable authentication built right into your application without the development overhead, security risks, and maintenance that come from building it yourself.


Cyber News related to Okta

Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities - The CL0P ransomware group exploited vulnerabilities to access sensitive employee data, including names and Social Security numbers. SonicWall has patched three vulnerabilities in its NetExtender VPN client for Windows (versions prior to 10.3.2). ...
5 days ago Cybersecuritynews.com CVE-2025-29824 Scattered Spider SideCopy
Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens - To counter this threat, Silent Push has developed Indicators of Future Attack (IOFA) feeds that track Scattered Spider infrastructure, including recently observed domains like “klv1.it.com” targeting Klaviyo and multiple others ...
1 week ago Cybersecuritynews.com Scattered Spider
New 'Atlantis AIO' automates credential stuffing on 140 services - Credential stuffing is a type of cyberattack where threat actors try out a list of credentials (usernames + passwords) they stole or sourced from leaked data breaches against platforms hoping to gain access to accounts. Specifically, Atlantis AIO ...
3 weeks ago Bleepingcomputer.com
Top 10 Best Passwordless Authentication Tools in 2025 - Auth0 provides a flexible authentication and authorization platform that supports passwordless login methods, enhancing security and user experience by eliminating the need for traditional passwords. Okta provides a robust identity and access ...
1 month ago Cybersecuritynews.com
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - A surge in “Pass-the-Cookie” (PTC) attacks is undermining multi-factor authentication (MFA), enabling cybercriminals to hijack session cookies and bypass security measures to access sensitive accounts. Similarly, Google’s Threat ...
1 month ago Cybersecuritynews.com
CVE-2025-22301 - Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore: from n/a through 3.5.3. ...
3 months ago Tenable.com
CVE-2024-9875 - Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo command bundles feature is enabled. To remediate this vulnerability, upgrade the Okta Privileged Access server ...
4 months ago Tenable.com
CVE-2024-9191 - The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The ...
5 months ago
CVE-2024-1900 - Improper session management in the identity provider authentication flow in Devolutions Server 2023.3.14.0 and earlier allows an authenticated user via an identity provider to stay authenticated after his user is disabled or deleted in the identity ...
5 months ago
CVE-2024-10327 - A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a ...
5 months ago Tenable.com
The Secret Weakness Execs Are Overlooking: Non-Human Identities - By shifting our focus to secrets security and adopting a comprehensive approach that includes robust detection, automated remediation, and integration with identity systems, organizations can significantly reduce their attack surface and bolster ...
6 months ago Thehackernews.com
CVE-2024-43255 - Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows Cross-Site Scripting (XSS).This issue affects MyBookTable Bookstore: from n/a through 3.3.9. ...
7 months ago
CVE-2024-7061 - Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater. ...
8 months ago
CVE-2023-48331 - Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore by Stormhill Media allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore by Stormhill Media: from n/a through 3.3.4. ...
8 months ago
CVE-2024-0981 - Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to ...
8 months ago
Three Ways to Chill Attacks on Snowflake - More than a month after a spate of data theft of Snowflake environments, the full scope of the incident has become more clear: at least 165 likely victims, more than 500 stolen credentials, and suspicious activity connected to known malware from ...
9 months ago Darkreading.com
Okta warns of credential stuffing attacks targeting its CORS feature - Okta warns that a Customer Identity Cloud feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. Okta is a leading identity and access management company providing cloud-based ...
10 months ago Bleepingcomputer.com LockBit
New Endpoint Protection Platform by Cigent Blocks Ransomware at the Data Level - A new endpoint data protection platform from Cigent Technology refocuses ransomware prevention onto protecting customer data from both encryption and exfiltration. With no loss of data, criminal extortion is prevented. The common approach today is to ...
10 months ago Securityweek.com
Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam - There's a major rumble brewing in the Security Information and Event Management landscape with Thoma Bravo-owned LogRhythm announcing plans to merge with rival Exabeam. Financial terms of the planned merger were not released but the price tag is ...
11 months ago Securityweek.com
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs - Scattered Spider hackers have been tearing through the finance and insurance sectors, all while authorities are preparing legal actions to stop them. A game of cops and robbers is playing out between the FBI and Scattered Spider, the cybercrime ...
11 months ago Darkreading.com Scattered Spider
Why Tokens Are Like Gold for Opportunistic Threat Actors - COMMENTARY. Authentication tokens aren't actual physical tokens, of course. Authentication tokens are an important part of cybersecurity. Which means that anyone with a token has a gold key to corporate systems - without requiring a multifactor ...
11 months ago Darkreading.com
Russian hackers hijack Ukrainian TV to broadcast Victory Day parade - Russia-aligned hackers hijacked several Ukrainian television channels on Thursday to broadcast a Victory Day parade in Moscow, commemorating the defeat of Nazi Germany in World War II. According to the Ukrainian agency responsible for television and ...
11 months ago Therecord.media
AuditBoard enhances InfoSec Solutions to reduce compliance fatigue across the organization - AuditBoard announced powerful enhancements for its InfoSec Solutions to help organizations meet their IT compliance, cyber risk, and vendor risk management needs in the face of rising risks and increased regulatory requirements. With these new ...
11 months ago Helpnetsecurity.com
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days - Strategies for secure identity management in hybrid environmentsIn this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. Leveraging AI for ...
1 year ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)