惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Archives - TechRepublic
Security Archives - TechRepublic
Project Zero
Project Zero
K
Kaspersky official blog
G
Google Developers Blog
T
Threat Research - Cisco Blogs
T
The Blog of Author Tim Ferriss
Cyberwarzone
Cyberwarzone
Y
Y Combinator Blog
Recorded Future
Recorded Future
Blog — PlanetScale
Blog — PlanetScale
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
Microsoft Security Blog
Microsoft Security Blog
H
Help Net Security
S
Schneier on Security
P
Palo Alto Networks Blog
H
Hacker News: Front Page
N
News and Events Feed by Topic
N
Netflix TechBlog - Medium
博客园 - Franky
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
SecWiki News
SecWiki News
Cloudbric
Cloudbric
TaoSecurity Blog
TaoSecurity Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The Hacker News
The Hacker News
C
Check Point Blog
L
LangChain Blog
腾讯CDC
小众软件
小众软件
T
Tenable Blog
Google DeepMind News
Google DeepMind News
GbyAI
GbyAI
L
LINUX DO - 最新话题
A
About on SuperTechFans
Google Online Security Blog
Google Online Security Blog
C
Cisco Blogs
Recent Announcements
Recent Announcements
Hacker News: Ask HN
Hacker News: Ask HN
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Vercel News
Vercel News
雷峰网
雷峰网
美团技术团队
D
DataBreaches.Net
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
F
Full Disclosure
博客园_首页

Okta Security RSS Feed

OpenSSL HollowByte: A DoS Hiding in 11 Bytes Datadog and Okta Combine for New Customer Detections Detecting OpenClaw at Sign-In Okta Hardening Guide Updated to Secure Non-Human Identities Okta Pooled Security Audits: a One-Year Retrospective Account Recovery, without Password Resets Okta’s Response to React2Shell Uncloaking VoidProxy: a Novel and Evasive Phishing-as-a-Service Framework Attackers Target Hotelier Accounts in Malvertising and Phishing Campaign Using Auth0 Logs for Proactive Threat Detection Controlling Cross-App Data Sprawl in Google Workspace How this ClickFix campaign leads to Redline Stealer Paving the Path: Pooled Audits with Okta Security Building Confidence in Support Comms with Caller Verify at Okta Enabling ISO/IEC 27001:2022 Compliance with Okta Okta’s Secure by Design Pledge - One Year On Leveraging Okta System Logs for Proactive Threat Detection Enhancing Customer Trust Through a Comprehensive Audit Program Okta's new Security Technical Implementation Guide (STIG) A Guide to DORA Compliance with Okta How AI services power the DPRK’s IT contracting scams Detect and Prevent Cross Device Authentication How Responsible Disclosures are Shaping a Safer Cyberspace Cybersecurity’s Next Gen Next.js CVE-2025-29927 CSO Conversations: Matthew Hansen, Regional CSO of Americas West Empowering Security with Customer Trust Solutions Putting Security First with Secure Development One trick finds the root of any Okta troubles CSO Conversations: Stephen McDermid, Regional CSO of EMEA Content-Security-Policy in a Complex Environment CSO Conversations: Keiko Itakura, Regional CSO of Japan How Okta Embraces Identity Verification Using Persona CSO Conversations: Matt Immler, Regional CSO of Americas East Raising the Bar for our Industry with IPSIE Okta Social Engineering Impersonation Report - Response and Recommendation Five Reasons to Upgrade your Org to Okta Identity Engine Okta’s Ongoing Commitment to Secure By Design Unveiling the Essence of the Security Customer Trust Function Security Education Through the Art of Storytelling Seven Ways to Reduce Super Admins in Okta The Case for Zero Standing Privileges FastPass: The battle-hardened authenticator Detecting Cross-Origin Authentication Credential Stuffing Attacks How to Block Anonymizing Services using Okta Why Cyber-heroes need a Zero Trust CAEP! Okta Verify Vulnerability Disclosure Report - Response and Remediation Defensive Domain Registration is a Mug’s Game Protecting Administrative Sessions in Okta How to Secure the SaaS Apps of the Future Okta October 2023 Security Incident Investigation Closure October Customer Support Security Incident - Update and Recommended Actions Unauthorized Access to Okta's Support Case Management System: Root Cause and Remediation Tracking Unauthorized Access to Okta's Support System Go “Secure by Default” With Custom Admin Roles for IT support staff Cross-Tenant Impersonation: Prevention and Detection BYO Telephony and the future of SMS at Okta Saying “No Thanks” to nOAuth Telling More Okta Detection Stories with Google Chronicle An Unexpected Endorsement for WebAuthn Social Engineering is Getting More Extreme, but the Fixes Can Be Simple Study up on Okta Logs for Splunk’s Boss of the SOC! Keeping Phishing Adversaries Out of the Middle Using Workflows to Respond to Anomalous Push Requests Okta and Splunk Combine to Detect Common Attacks Setting the Right Levels of Assurance for Zero Trust Catch-All's and Canary Rules User Sign-in and Recovery Events in the Okta System Log Okta Code Repositories Detecting Real-Time Phishing Attacks Detecting Real-Time Phishing Attacks Okta’s Response to OpenSSL Security Update Monitoring for Abuse of Administrative Privileges System Log: a Window into Supporting the Okta Cloud The Human Factor in Phishing Resistance Auth0 Code Repository Archives From 2020 and Earlier Phishing Resistance and Why it Matters Detecting Scatter Swine: Insights into a Relentless Phishing Campaign Defending against Session Hijacking Unlocking the Mystery of 700+ Okta System Log Events Official Okta Statement on LAPSUS$ Claims Protection, without perimeters We (still) need to talk about RDP Just How Risky is Legacy Authentication?
Cyber-Safety over the Holidays
Carmen Girardin and Okta Security Culture · 2024-12-18 · via Okta Security RSS Feed

In 2023, consumers worldwide lost over $1 trillion to scams with wide-ranging economic and emotional consequences. Despite significant efforts dedicated to combatting scam-based cybercrime, many continue to fall victim to ever-evolving threats.

Okta’s market-leading Identity solutions continually evolve as mission-critical security infrastructure to combat Identity-based attacks. Over a 30-day period, Okta has blocked over 3 billion attacks including credential stuffing and malicious bots, securing nearly 20,000 customers globally. We invite you to learn more about our long-term initiative to lead the industry in the fight against Identity attacks.

Check out our Security Culture team’s cyber-safety checklist to help keep your digital Identity safe this holiday season.

Cyber-Safety Checklist

At Okta, we believe in sharing valuable, actionable security insights because we Love our Customers. As the holiday season approaches and scams continue to emerge, here are five easy tips from Okta’s Security Culture team to help keep you, your data, and your devices safe and secure.

1. Monitor your accounts

Catching suspicious or fraudulent charges early gives you a greater chance of restoring lost funds, preventing further compromise and also halting unauthorized spending.

Check your bank accounts and credit cards regularly to validate intentional transactions and their totals. Most providers allow you to set up alerts and/or multi-factor authentication (MFA) for additional protection. In practicing good credit hygiene, you should also consider:

  • Requesting a (usually free) copy of your credit report.

  • Signing up to a credit monitoring service.

2. Check your tech

Vulnerabilities in both outdated software applications and operating systems are more likely to be exploited by threat actors in order to gain unauthorized access to your accounts.

We recommend always using up-to-date devices, especially when performing financial transactions such as online banking or making credit card purchases. Some devices and/or applications allow you to turn on automatic updates to avoid having to manually check for software updates in the future.

3. Click carefully

Social media ads, emails and text messages can take you to fake websites that look like the real thing. To stay safe, always type the official website URL directly into your browser instead of clicking on links. Phishing and smishing are getting increasingly sophisticated and can be hard to tell apart from messages from trusted sources.

Staying cyber-safe means staying updated; numerous organizations and retailers publish best practices they recommend for leveraging their products, services or tools.

4. Shop smart

When taking advantage of holiday deals, make sure your credit card information gets securely encrypted.

A good start could be to check the webpage URL, ensuring that it begins with HTTPS (and not HTTP) before you checkout and enter your sensitive data. It’s good practice to use reputable sites and create an account, enabling multi-factor authentication (MFA) to authenticate for future purchases. In general, it’s a best practice to not have sites save your credit card information, and when able using session-based payments (such as Apple Pay) can provide additional security.

5. Protect your accounts

Instead of traditional passwords, we recommend the use of passphrases for additional assurance. An eight-character password can be quickly cracked by a threat actor; a strong 12-character passphrase could take years. Also, consider using a password manager (such as Okta Personal) to safely and securely store your account credentials.

It is best practice to enable multi-factor authentication (MFA) wherever possible. Given 81% of breaches involve stolen or weak credentials, use a passkey where available. Passkeys are proven to be significantly stronger than standard passwords. We recommend using biometrics such as FaceID or Fingerprint to log in and authenticate to your commonly used sites and services.

A Culture of Cybersecurity

Today’s digital world has evolved tremendously in enabling our online reach, which in turn can expand the potential for impact. Being vigilant to online scams shouldn’t just be a priority over the holiday season. Here at Okta, we promote a culture of cybersecurity all-year-round and recommend building routine habits around our recommendations.

Okta’s Always Secure, Always On corporate value reflects our ongoing commitment to make every employee an owner of security. With 68% of breaches involving a human element, a strong security culture is more important than ever. Okta’s culture of cybersecurity is a core value; learn more about our foundational pillars and how we foster our security culture.

Carmen Girardin is a Manager, Security Communications at Okta. Backed by over a decade of experience in the fintech sector, Carmen is a proficient technical writer with domain expertise in Identity and Access Management (IAM). She is passionate about delivering engaging, timely customer communications on the cybersecurity ecosystem and the evolving threat landscape, to help our customers gain the most value from Okta. Carmen spends her downtime traveling, thrifting for treasures and reading.

Okta's Security Culture team is responsible for championing a world-class security culture via education, trainings, and awareness to make the internet safer both through and for our global employees and our growing customer base.