Security News Okta warns of "unprecedented" credential stuffing attacks on customers

Gandalf_The_Grey

Level 78
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,748
Okta warns of an "unprecedented" spike in credential stuffing attacks targeting its identity and access management solutions, with some customer accounts breached in the attacks.

Threat actors use credential stuffing to compromise user accounts by trying out in an automated manner lists of usernames and passwords typically purchased from cybercriminals.

In an advisory today, Okta says the attacks seem to originate from the same infrastructure used in the brute-force and password-spraying attacks previously reported by Cisco Talos [1, 2].

In all attacks that Okta observed the requests came through the TOR anonymization network and various residential proxies (e.g. NSOCKS, Luminati, and DataImpulse).
 
  • +Reputation
Reactions: vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top