All news with #sso tag

Thu, August 14, 2025

Defending Against SCATTERED SPIDER with Falcon SIEM

#Azure Entra ID #Cross-Tenant Access #CrowdStrike #Data Exfil via Tools #Identity Threat Detection #MFA #Okta #PII #Ransomware #SSO

🔒 Falcon Next-Gen SIEM provides real-time, cross-domain detection to help organizations detect and respond to the identity-centric eCrime group SCATTERED SPIDER. The platform correlates identity, cloud, SaaS, network and email telemetry, offering out-of-the-box rule templates for phishing, MFA fatigue, suspicious SSO events and exfiltration. CrowdStrike recommends comprehensive log ingestion and tuning of these templates to improve detection and response across the full attack lifecycle.

Thu, August 7, 2025

CISA Issues Emergency Directive for Microsoft Exchange

#Azure Entra ID #IAM #Microsoft #Patch #Privilege Escalation #Regulatory Action #Security Advisory #SSO

⚠️ CISA issued Emergency Directive 25-02 directing federal civilian agencies to immediately update and secure hybrid Microsoft Exchange environments to address a post-authentication privilege escalation vulnerability. The flaw, tracked as CVE-2025-53786, could allow an actor with administrative access on an Exchange server to escalate privileges and affect identities and administrative access in connected cloud services. CISA says it is not aware of active exploitation but mandates agencies implement vendor mitigation guidance and will monitor and support compliance. All organizations using hybrid Exchange configurations are urged to adopt the recommended mitigations.

Wed, June 4, 2025

Google survey: U.S. consumers report rising online scams

#Account Takeover #Google #MFA #Passkeys #PII #SSO #Threat Report

🔒 Google’s latest survey with Morning Consult shows U.S. consumers increasingly aware of online scams and taking new protective steps. Over 60% report an uptick in scams and one-third say they experienced a data breach, with texts and email the most common vectors. The report highlights generational differences in sign-in preferences — older adults rely on passwords while Gen Z favors passkeys and social sign-ins — and recommends Google Password Manager, 2‑Step Verification and modern authentication methods.

Mon, August 29, 2022

0ktapus Phishing Campaign Compromises 130+ Firms Worldwide

#Account Takeover #Cloudflare #IAM #MFA #Okta #PII #SSO #Supply-Chain Incident #Twilio

🔐 Researchers link a sprawling phishing campaign to the 0ktapus threat group, which spoofed Okta authentication pages and induced employees to submit credentials and MFA codes. The operation hit more than 130 organizations and led to 9,931 compromised accounts, with targeted activity against Twilio and Cloudflare staff. Group-IB reports 5,441 harvested MFA codes and urges URL vigilance, better password hygiene and adoption of FIDO2 security keys.