All news with #sso tag

🔒 Mandiant reports a recent wave of ShinyHunters attacks that combine targeted vishing and company‑branded phishing sites to capture SSO credentials and MFA codes. Attackers impersonate IT or helpdesk staff, guide victims through MFA approval or one‑time passcodes in real time, and enroll attacker-controlled MFA devices. With access to Okta, Microsoft Entra, or Google SSO dashboards they pivot into SaaS platforms (Salesforce, Microsoft 365, SharePoint, DocuSign, Slack, Atlassian, Dropbox, Google Drive) to steal and extort cloud data.

🔐 AWS now lets individuals create an AWS Builder ID using Sign in with Google, enabling one-click access to AWS applications such as Kiro, AWS Builder Center, AWS Training and Certification, re:Post, and AWS Startups. This personal profile remains separate from AWS account credentials and persists across a user's education and career. The integration simplifies registration, reduces password friction, and streamlines returning-user sign-in.