By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: Cyber criminals would prefer businesses don’t use Okta | Computer Weekly
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > News > Cyber criminals would prefer businesses don’t use Okta | Computer Weekly
News

Cyber criminals would prefer businesses don’t use Okta | Computer Weekly

News Room
Last updated: 2025/08/09 at 3:46 AM
News Room Published 9 August 2025
Share
SHARE

Cyber criminal gangs are telling their targets to stop authenticating with Okta services in what the company’s threat management team is describing as a ringing endorsement of its technology and a lesson in why phishing-resistant authentication methods are now not merely a nice-to-have, but a must-have.

Due to its position as a first line of defence in many organisations, Okta’s identity management systems are frequently targeted by threat actors as they attempt to work their way into their victims’ systems.

Perhaps most famously, its services were exploited by the gang known as Scattered Spider in a series of 2023 cyber heists on Las Vegas casino operators.

This week, Okta’s vice-president of threat intelligence, Brett Winterford, revealed how the firm had stumbled across a new social engineering campaign by an undisclosed threat actor in which the cyber criminals told their targets: “Please sign in normally, do not use the Okta FastPass feature.”

FastPass is a feature in Okta’s Verify service that offers passwordless authentication – such as biometrics or device-based security – to access secured resources.

“This unusual instruction, delivered to targets of a recent social engineering campaign observed by Okta Threat Intelligence, offers a look into how cyber criminals are evolving their tactics in response to higher adoption of advanced, high-assurance sign-in methods,” said Winterford in a blog post.

“During the observed phishing attacks, attackers … tried to convince targeted users to evade security measures the company had in place. The campaign abused trusted instant messaging communications channels – in this case, Slack – to deliver lures to targeted users.”

In the message, headlined “Happy Thursday & Congratulations”, the threat actor posed as a company CEO and messaged the target to invite them to an “exclusive new Slack workspace”.

The message was, of course, a phish, because the threat actor then asked the target to complete the setup by connecting their Okta account via a link.

However, the cyber criminals claimed that they were seeing “some issues” with how Okta FastPass worked with a new Slack integration and told the target not to use FastPass, implying that they should enter their password directly at the link.

The link in question, said Winterford, directed users to visit phishing pages running an adversary-in-the-middle (AiTM) transparent proxy known as Evilginx. This phishing kit would then have passed the password-based authentication request through the threat actor-controlled infrastructure, allowing them to steal passwords and any one-time passcode (OTP) needed to access the resource.

Winterford said attackers well understand that the choice of sign-in methods organisations offer their users is hugely important, noting that AiTM kits aren’t effective in circumstances where there are strong phishing-resistant authentication methods, or phishing resistance was enforced in policy.

“When administrators enforce phishing resistance in an authentication policy rule, a user can only access the protected resource using Okta FastPass, FIDO2-based authentication or PIV [Personal Identity Verification] Smart Cards,” he wrote.

“These sign-in methods will not allow access if the request is routed through a transparent proxy. Users can’t be tricked into selecting any other sign-in method. If all your users are enrolled in phishing-resistant authenticators, you’ve done most of the work,” added Winterford.

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article This app lets Mac users take full advantage of Android’s Quick Share with new QR code support
Next Article The 2024 Apple Mac mini with M4 chip is now $50 off at Amazon
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

How to Watch Man United vs. Fiorentina From Anywhere: Stream Preseason Friendly Soccer
News
Wordel Hints and Answer to Puzzle #1512
News
Cyber Apocalypse Now: Black Hat 2025’s Most Terrifying Hacks and Security Breaches
News
Security asset management faces visibility gaps – News
News

You Might also Like

News

How to Watch Man United vs. Fiorentina From Anywhere: Stream Preseason Friendly Soccer

8 Min Read
News

Wordel Hints and Answer to Puzzle #1512

3 Min Read
News

Cyber Apocalypse Now: Black Hat 2025’s Most Terrifying Hacks and Security Breaches

13 Min Read
News

Security asset management faces visibility gaps – News

6 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?