UK Government Officials Targeted by Chinese Spyware for Years as Nova Ransomware Breaches KPMG Netherlands While Shiny Hunters Escalate Okta Admin Phishing and Microsoft Ships Office Zero-Day Fixes
The Okta admin phishing piece is particualrly worrying dunno if anyone else noticed but combining voice calls with MFA fatigue is almost unstopable if help desks arent trained. I've seen one compromised session lead to entire identity infrastructure getting pivoted. The ticketed reset suggestion is spot-on but enforcing it when users are frantic takes real organizational disicpline.
The Okta admin phishing piece is particualrly worrying dunno if anyone else noticed but combining voice calls with MFA fatigue is almost unstopable if help desks arent trained. I've seen one compromised session lead to entire identity infrastructure getting pivoted. The ticketed reset suggestion is spot-on but enforcing it when users are frantic takes real organizational disicpline.