Experimental News Clipping Site

Tag: Okta

  • The Cloudflare Blog: Open-sourcing OpenPubkey SSH (OPKSSH): integrating single sign-on with SSH

    by

    Kurt Seifried
    in

    Source URL: https://blog.cloudflare.com/open-sourcing-openpubkey-ssh-opkssh-integrating-single-sign-on-with-ssh/ Source: The Cloudflare Blog Title: Open-sourcing OpenPubkey SSH (OPKSSH): integrating single sign-on with SSH Feedly Summary: OPKSSH (OpenPubkey SSH) is now open-sourced as part of the OpenPubkey project. AI Summary and Description: Yes **Summary:** The text discusses OPKSSH, an open-source SSH tool that integrates with single sign-on (SSO) technologies such as OpenID…

  • Hacker News: The Case for Centralizing Authorization

    by

    Kurt Seifried
    in

    Source URL: https://www.aserto.com/blog/the-case-for-centralizing-authorization Source: Hacker News Title: The Case for Centralizing Authorization Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the importance and benefits of centralizing authorization in business applications to improve efficiency, reduce costs, and enhance security. It emphasizes the need for a centralized Identity and Access Management (IAM) system…

  • Hacker News: Okta Bcrypt incident lessons for designing better APIs

    by

    Kurt Seifried
    in

    Source URL: https://n0rdy.foo/posts/20250121/okta-bcrypt-lessons-for-better-apis/ Source: Hacker News Title: Okta Bcrypt incident lessons for designing better APIs Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a security incident involving Okta and the vulnerabilities associated with the Bcrypt hashing algorithm when utilized improperly. It highlights how the lack of input validation in some cryptographic…

  • Cloud Blog: A look back at Chrome Enterprise in 2024: Strengthening security and improving productivity in the browser

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/products/chrome-enterprise/a-look-back-at-chrome-enterprise-in-2024-strengthening-security-and-improving-productivity-in-the-browser/ Source: Cloud Blog Title: A look back at Chrome Enterprise in 2024: Strengthening security and improving productivity in the browser Feedly Summary: This has been a year of major advancements for Chrome Enterprise, as we’ve focused on empowering organizations with an even more secure and productive browsing experience. As this year comes…

  • Krebs on Security: Feds Charge Five Men in ‘Scattered Spider’ Roundup

    by

    system automation
    in

    Source URL: https://krebsonsecurity.com/2024/11/feds-charge-five-men-in-scattered-spider-roundup/ Source: Krebs on Security Title: Feds Charge Five Men in ‘Scattered Spider’ Roundup Feedly Summary: Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including…

  • Bulletins: Vulnerability Summary for the Week of October 28, 2024

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/bulletins/sb24-309 Source: Bulletins Title: Vulnerability Summary for the Week of October 28, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info acnoo — flutter_api  Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API:…

  • The Register: Why the long name? Okta discloses auth bypass bug affecting 52-character usernames

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/04/why_the_long_name_okta/ Source: The Register Title: Why the long name? Okta discloses auth bypass bug affecting 52-character usernames Feedly Summary: Mondays are for checking months of logs, apparently, if MFA’s not enabled In potentially bad news for those with long names and/or employers with verbose domain names, Okta spotted a security hole that could…

  • Slashdot: Okta Fixes Login Bypass Flaw Tied To Lengthy Usernames

    by

    system automation
    in

    Source URL: https://it.slashdot.org/story/24/11/02/0113243/okta-fixes-login-bypass-flaw-tied-to-lengthy-usernames?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Okta Fixes Login Bypass Flaw Tied To Lengthy Usernames Feedly Summary: AI Summary and Description: Yes Summary: Okta has addressed a significant authentication bypass vulnerability that impacted its AD/LDAP delegated authentication service. The patch was implemented after an issue was discovered due to an algorithmic flaw that stored cached…

  • Hacker News: Okta – Username Above 52 Characters Security Advisory

    by

    system automation
    in

    Source URL: https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/ Source: Hacker News Title: Okta – Username Above 52 Characters Security Advisory Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a security vulnerability identified in Okta’s authentication process involving the DelAuth mechanism and the Bcrypt hashing algorithm. The significance lies in its implications for user authentication security and…