Extortion crew hijacks Microsoft 365 accounts via fake passkey setup
The Pink cyber extortion crew is tricking employees into giving them access to their Microsoft 365 accounts by faking Entra passkey enrollment requests. The attack The attack …
FIDO Alliance wants to keep AI agents from going rogue on online payments
AI agents are beginning to shop, log in, and complete tasks with little direct input. That shift is pushing the security industry to rethink how trust works when actions are …
Okta users under attack: Modern phishing kits are turbocharging vishing attacks
Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing …
Passwordless is finally happening, and users barely notice
Security teams know the strain that comes from tightening authentication controls while keeping users productive. A new report from Okta suggests this strain is easing. …
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.
North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a …
Okta Cross App Access secures AI agents in the enterprise
Okta announced Cross App Access, a new protocol to help secure AI agents. As an extension of OAuth, it brings visibility and control to both agent-driven and app-to-app …
Photos: Infosecurity Europe 2025
Infosecurity Europe 2025 is a cybersecurity event taking place from June 3 to 5 in London. Help Net Security is on-site and here’s a closer look at the conference. The …
The future of authentication: Why passwordless is the way forward
By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex …
Okta extends identity security fabric to non-human identities
Okta announced new Okta Platform capabilities to help businesses secure AI agents and other non-human identities with the same level of visibility, control, governance, and …
Infosec products of the month: October 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Balbix, BreachLock, Commvault, Dashlane, Data Theorem, Edgio, ExtraHop, …
New infosec products of the week: October 18, 2024
Here’s a look at the most interesting products from the past week, featuring releases from ExtraHop, GitGuardian, Nametag, Okta, Rubrik, and Sectigo. GitGuardian Visual Studio …
Okta helps protect business before, during and after authentication
Okta announced new Workforce Identity Cloud capabilities to address top security challenges such as unmanaged SaaS service accounts, governance risks, and identity …
Featured news
Resources
Don't miss
- Fake OAuth client IDs are helping attackers slip past sign-in logs
- Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers
- Why SBOMs, signing, and provenance still don’t tell you if software is safe
- Cynative: Open-source deep research agent
- Microsoft demystifies how Windows updates work