Identity services provider Okta warns of social engineering attacks in which threat actors seek to obtain administrator privileges from Super Administrator accounts.
They then use these privileges to institute users within the compromised organization.
The threat actor also uses the access granted to the Super Administrators to assign higher privileges to other accounts, reset enrolled authenticators in existing administrator accounts, and remove second-factor requirements from authentication policies.
According to the threat actor, this resulted in the creation of a second identity provider that serves as their source IdP for the intended victim.
This second identity provider, also controlled by the attacker, would act as a ‘source’ IdP in an inbound federation relationship (sometimes called ‘Org2Org’) with the target.
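A defender can hunt for this sequence in exported Okta System Log events. The following is an added example, not code from Okta or from the original post; the function names, the one-hour window and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Okta System Log event types for the behaviours described above. Policy events
# only show that a policy changed; confirm whether a factor was really removed.
SENSITIVE = {
    "user.account.privilege.grant": "privilege_grant",
    "user.mfa.factor.reset_all": "authenticator_reset",
    "policy.rule.update": "policy_change",
    "policy.lifecycle.update": "policy_change",
    "system.idp.lifecycle.create": "idp_created",
}

def parse_ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))  # ISO 8601, "Z" suffix

def flag_admin_abuse(events, window=timedelta(hours=1), min_behaviours=2):
    """Actors with min_behaviours distinct behaviours in one window, or any IdP creation."""
    by_actor = defaultdict(list)
    for ev in events:
        kind = SENSITIVE.get(ev.get("eventType"))
        if kind and ev.get("outcome", {}).get("result") == "SUCCESS":
            by_actor[ev["actor"]["alternateId"]].append((parse_ts(ev["published"]), kind))
    findings = []
    for actor, hits in sorted(by_actor.items()):
        hits.sort()
        best = set()
        for i, (start, _) in enumerate(hits):
            seen = {k for t, k in hits[i:] if t - start <= window}
            best = max(best, seen, key=len)
        idp = {k for _, k in hits if k == "idp_created"}
        if len(best) >= min_behaviours or idp:
            findings.append((actor, sorted(best | idp)))
    return findings

def _ev(ts, event_type, actor, result="SUCCESS"):
    return {"published": ts, "eventType": event_type,
            "actor": {"alternateId": actor}, "outcome": {"result": result}}

# Constructed sample events, not real log data.
SAMPLE = [
    _ev("2024-01-15T10:00:00.000Z", "user.account.privilege.grant", "admin1@example.com"),
    _ev("2024-01-15T10:10:00.000Z", "user.mfa.factor.reset_all", "admin1@example.com"),
    _ev("2024-01-15T10:20:00.000Z", "policy.rule.update", "admin1@example.com"),
    _ev("2024-01-15T10:30:00.000Z", "system.idp.lifecycle.create", "admin1@example.com"),
    _ev("2024-01-15T09:00:00.000Z", "user.mfa.factor.reset_all", "helpdesk@example.com"),
    _ev("2024-01-15T08:00:00.000Z", "policy.rule.update", "admin2@example.com"),
    _ev("2024-01-15T14:00:00.000Z", "user.account.privilege.grant", "admin2@example.com"),
    _ev("2024-01-15T11:00:00.000Z", "system.idp.lifecycle.create", "admin3@example.com", "FAILURE"),
]
```

Calling `flag_admin_abuse(SAMPLE)` reports only the account that chains all four behaviours within the hour; the single help-desk reset, the widely spaced admin changes and the failed IdP creation are not flagged.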