ALL OKTA CUSTOMERS HACKED

Okta has been hacked by the popular hacking group LASPUS, who have been targeting customers of the popular identity management solution for over two months without detection.

Backdoors have likely been installed in the world's biggest companies, including Amazon, Salesforce, Twitter, Cloudflare, Workday, Twlilio, JetBlue, HP, Linkedin, Hubspot, Tesla, Nvidia & 6500+ more.

Source: twitter.com/_MG_/status/1506109152665382920

LASPUS Telegram (Beware!) t.me/minsaudebr

Attached: okta-logo-onblue.png (1200x630, 7.08K)

Other urls found in this thread:

twitter.com/_MG_/status/1506109152665382920
reuters.com/technology/authentication-services-firm-okta-says-it-is-investigating-report-breach-2022-03-22/
twitter.com/SFWRedditImages

ahahahahahahA my company just switched to okta

Hack and Leak GPT3 or the Chinese Government Transformer?

Am I understanding this correct?
Lapsus$ got superuser on some Okta internal account,
then used that to escalate,
and now plausibly have access to any logins that were controlled by okta anywhere?

Attached: 1646550316997.gif (499x281, 741.33K)

omg think of the bLUe TeaMs

Is there any more useless tech field to go into than security? The alerts the screen monkeys were getting stuck on never failed to make me smile. Didn't know a switch from a patch panel, never heard of mac addresses, you name it. All they did was post things other people were posting on twitter, like when there was a vuln, just posting about how bad it was, nothing about mitigating.

and yet, nothing will happen, like always

Yep.

And yet they were too stupid to avoid getting ransomware'd by Nvidia.

HAY GUISE LET'S PUT ALL OUR EGGS IN ONE BASKET!!!! IN DA CLOUD!!!

t. single sign on

HN discussion as enlightening as you'd expect:
>>Why outsource the most business-critical parts like auth and email to a third party, knowing that they're the biggest target?
>Because auth is super hard? Have you tried implementing SSO for arbitrary OAuth2 providers?