Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those credentials can then be used log in to any of the organization’s platforms that use Okta single sign-on (SSO) or – if the login credentials belong to an administrator – to gain privileged access to other systems or restricted network areas. How to discover valid Okta credentials in logs … More
The post A common user mistake can lead to compromised Okta login credentials appeared first on Help Net Security.