Okta Breach Widens to Affect 100% of Customer Base

Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them [TechWeb]( Follow Dark Reading: [RSS]( December 01, 2023 LATEST SECURITY NEWS & COMMENTARY [Okta Breach Widens to Affect 100% of Customer Base]( Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them. [Siemens PLCs Still Vulnerable to Stuxnet-like Cyberattacks]( Security updates are tedious and difficult, so users continue to use a weak version of a core protocol and remain exposed to major attacks on critical infrastructure. [A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets]( A decade and a half after Gh0st RAT first appeared, the "SugarGh0st RAT" variant aims to make life sweeter for cybercriminals. [Law Firms & Legal Departments Singled Out for Cyberattacks]( Cybercriminals use legal search terms to ensnare unwitting victims, then launch ransomware or business email compromise attacks. [Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus]( The prolific threat actor has laundered hundreds of millions of dollars in stolen virtual currency through the service. [8 Tips on Leveraging AI Tools Without Compromising Security]( AI tools can deliver quick and easy results and offer huge business benefits — but they also bring hidden risks. [(Sponsored Article) Balancing Simplicity and Security in the Digital Experience]( New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today's digital world. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw]( A vulnerability in the file server and collaboration platform earned a 10 in severity on the CVSS, allowing access to admin passwords, mail server credentials, and license keys. [Cyberattack on Pennsylvania Water Authority Disrupts OT Gear]( The booster station shut off its automated system and moved to a manual system once the alarms sounded the breach. [Thought GDPR Compliance Was Hard? Buckle Up]( Guy Tytunovich, founder and CEO of CHEQ, says the days of a one-size-fits-all consent strategy are gone. Consider a two-pronged approach and use smart consent management technology to adapt to differing regulations. [MORE]( EDITORS' CHOICE [Google Patches Another Chrome Zero-Day as Browser Attacks Mount]( The vulnerability is among a rapidly growing number of zero-day bugs that major browser vendors have reported recently. LATEST FROM THE EDGE [The 7 Deadly Sins of Security Awareness Training]( Stay away from using these tactics when trying to educate employees about risk. LATEST FROM DR TECHNOLOGY [Rundown of Security News from AWS re:Invent 2023]( Amazon Web Services announced enhancements to several of its security tools, including GuardDuty, Inspector, Detective, IAM Access Analyzer, and Secrets Manager, to name a few during its re:Invent event. LATEST FROM DR GLOBAL [Deluge of Nearly 300 Fake Apps Floods Iranian Banking Sector]( No Iranian bank customers are safe from financially motivated cybercriminals wielding convincing but fake mobile apps. WEBINARS - [How to Combat the Latest Cloud Security Threats]( More businesses have shifted critical assets and operations to the cloud, as service providers enhance their security capabilities and companies adapt to more remote workforces. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications ... - [Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing]( Many of today's most damaging cyberattacks begin with a phishing lure delivered over corporate email. The attacks against Microsoft Exchange illustrated the extent of damage attackers can inflict by targeting enterprise email servers. Many enterprises still don't have a unified ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( [View More White Papers >>]( FEATURED REPORTS - [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( - [The State of Supply Chain Threats]( - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Announcing Fortanix Key Insight — A Solution to Discover and Remediate Data Security Risks in Hybrid Multicloud Environments]( [1Kosmos Unifies Identity Verification User Journeys Across Web and Mobile Platforms]( [Code Scanner by Piiano Helps Enterprises Prevent Data Leaks Proactively]( [XM Cyber Launches Kubernetes Exposure Management to Intelligently Protect Critical Container Environments]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Key DevSecOps Principles for Enterprise Mobile App Development]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=119660&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_12.01.23&sp_cid=50778&utm_content=DR_NL_Dark%20Reading%20Daily_12.01.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#85 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)