May 30, 2024 at 03:09AM
Okta warns that its Customer Identity Cloud is susceptible to credential stuffing and says it has proactively contacted impacted customers. Users are advised to review tenant logs for unusual login events, rotate credentials, and restrict cross-origin authentication. Other mitigations include breached password detection, strong password enforcement, and passwordless, phishing-resistant authentication. The warning follows an uptick in credential stuffing attacks.
Key takeaways:
– Okta has identified a vulnerability in the Customer Identity Cloud (CIC) that leaves it susceptible to credential stuffing attacks.
– The company has observed credential stuffing attacks on the cross-origin authentication feature and has proactively informed impacted customers.
– Customers are advised to review tenant logs for signs of unexpected login events, rotate credentials, and restrict or disable cross-origin authentication for tenants.
– Mitigations include enabling breached password detection or Credential Guard, prohibiting weak passwords, and exploring passwordless, phishing-resistant authentication options.
– This development follows a previous alert about an increase in the frequency and scale of credential stuffing attacks facilitated through residential proxy services.
These takeaways emphasize the need for proactive measures to address the vulnerability and protect against potential credential stuffing attacks.
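The log review advised above can be scripted. The following is an added example, not code from Okta or from the original article. It assumes the tenant logs were exported as line-delimited JSON with `type`, `ip` and `user_name` fields. The event type codes `fcoa`, `scoa` and `pwd_leak` are Auth0 tenant log codes that this page does not name, and the threshold and sample events are constructed.

```python
import json
from collections import defaultdict

# Auth0 tenant log event type codes (not named on this page)
FAILED_COA = "fcoa"      # failed cross-origin authentication
SUCCESS_COA = "scoa"     # successful cross-origin authentication
LEAKED_PWD = "pwd_leak"  # login attempted with a known-breached password

# Constructed sample export, one JSON event per line (documentation-range IPs)
SAMPLE_LOG = """
{"date":"2024-05-28T10:00:01Z","type":"fcoa","ip":"203.0.113.7","user_name":"alice@example.com"}
{"date":"2024-05-28T10:00:02Z","type":"fcoa","ip":"203.0.113.7","user_name":"bob@example.com"}
{"date":"2024-05-28T10:00:02Z","type":"pwd_leak","ip":"203.0.113.7","user_name":"bob@example.com"}
{"date":"2024-05-28T10:00:03Z","type":"fcoa","ip":"203.0.113.7","user_name":"carol@example.com"}
{"date":"2024-05-28T10:00:04Z","type":"fcoa","ip":"203.0.113.7","user_name":"dave@example.com"}
{"date":"2024-05-28T10:00:05Z","type":"scoa","ip":"203.0.113.7","user_name":"erin@example.com"}
{"date":"2024-05-28T10:07:00Z","type":"fcoa","ip":"198.51.100.20","user_name":"frank@example.com"}
{"date":"2024-05-28T10:07:30Z","type":"fcoa","ip":"198.51.100.20","user_name":"frank@example.com"}
{"date":"2024-05-28T10:08:10Z","type":"scoa","ip":"198.51.100.20","user_name":"frank@example.com"}
"""

def parse_events(text):
    return [json.loads(line) for line in text.splitlines() if line.strip()]

def find_stuffing_sources(events, min_accounts=3):
    """Report IPs whose failed cross-origin logins span >= min_accounts distinct accounts."""
    failed, succeeded, leaked = defaultdict(set), defaultdict(set), defaultdict(int)
    for ev in events:
        ip, user, kind = ev.get("ip"), ev.get("user_name"), ev.get("type")
        if kind == FAILED_COA:
            failed[ip].add(user)
        elif kind == SUCCESS_COA:
            succeeded[ip].add(user)
        elif kind == LEAKED_PWD:
            leaked[ip] += 1
    report = {}
    for ip, accounts in failed.items():
        # Failures across many accounts from one source fit stuffing; a user retrying a typo touches one.
        if len(accounts) >= min_accounts:
            report[ip] = {
                "failed_accounts": len(accounts),
                "leaked_password_attempts": leaked[ip],
                # Logins that succeeded from a flagged source: rotate these first
                "rotate_first": sorted(succeeded[ip]),
            }
    return report

if __name__ == "__main__":
    print(json.dumps(find_stuffing_sources(parse_events(SAMPLE_LOG)), indent=2))
```

Attacks relayed through residential proxy services spread attempts over many addresses, so a low per-IP count does not clear a tenant. Compare the tenant-wide volume of `fcoa` events against its usual baseline as well.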