Research Featured MITM Risk in Push-Approval and OTP-Based MFA Disclaimer: The risk described in this article applies to ANY website or SaaS platform with a public authentication mechanism that allows using traditional 2FA, such as push approvals or OTP, not just Okta. 📜 Background Story An enterprise client suffers a significant compromise, security teams and organizations with an IAM system
News LAPSUS$ and IdP Exposure “Caution is the eldest child of wisdom.” There is a fine line between what may seem like a minor, contained event and the actual damage LAPSUS$ could have inflicted when they had access to the right tools via the support engineer’s laptop. First, let’s take a look at
