topic Okta warns of &quot;unprecedented&quot; credential stuffing attacks on customers in Threats https://community.isc2.org/t5/Threats/Okta-warns-of-quot-unprecedented-quot-credential-stuffing/m-p/69824#M1187 <P>Hi All</P><P>&nbsp;</P><P>So you would have a lull after the weekend....</P><P>&nbsp;</P><P>Okta warns of an "unprecedented" spike in credential stuffing attacks targeting its identity and access management solutions, with some customer accounts breached in the attacks.</P><P>Threat actors use credential stuffing to compromise user accounts by trying out in an automated manner lists of usernames and passwords&nbsp;typically purchased from cyber-criminals.</P><P>In an advisory today, Okta says the attacks seem to&nbsp;originate from the same infrastructure used in the brute-force and password-spraying attacks previously reported by Cisco Talos [<A href="https://www.bleepingcomputer.com/news/security/cisco-warns-of-password-spraying-attacks-targeting-vpn-services/" target="_blank" rel="noopener">1</A>, <A href="https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/" target="_blank" rel="noopener">2</A>].</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/okta-warns-of-unprecedented-credential-stuffing-attacks-on-customers/" target="_blank">https://www.bleepingcomputer.com/news/security/okta-warns-of-unprecedented-credential-stuffing-attacks-on-customers/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 30 Apr 2024 00:57:19 GMT Caute_cautim 2024-04-30T00:57:19Z Okta warns of "unprecedented" credential stuffing attacks on customers https://community.isc2.org/t5/Threats/Okta-warns-of-quot-unprecedented-quot-credential-stuffing/m-p/69824#M1187 <P>Hi All</P><P>&nbsp;</P><P>So you would have a lull after the weekend....</P><P>&nbsp;</P><P>Okta warns of an "unprecedented" spike in credential stuffing attacks targeting its identity and access management solutions, with some customer accounts breached in the attacks.</P><P>Threat actors use credential stuffing to compromise user accounts by trying out in an automated manner lists of usernames and passwords&nbsp;typically purchased from cyber-criminals.</P><P>In an advisory today, Okta says the attacks seem to&nbsp;originate from the same infrastructure used in the brute-force and password-spraying attacks previously reported by Cisco Talos [<A href="https://www.bleepingcomputer.com/news/security/cisco-warns-of-password-spraying-attacks-targeting-vpn-services/" target="_blank" rel="noopener">1</A>, <A href="https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/" target="_blank" rel="noopener">2</A>].</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/okta-warns-of-unprecedented-credential-stuffing-attacks-on-customers/" target="_blank">https://www.bleepingcomputer.com/news/security/okta-warns-of-unprecedented-credential-stuffing-attacks-on-customers/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 30 Apr 2024 00:57:19 GMT https://community.isc2.org/t5/Threats/Okta-warns-of-quot-unprecedented-quot-credential-stuffing/m-p/69824#M1187 Caute_cautim 2024-04-30T00:57:19Z