SSO/MFA

Archive

(Credit: PixieMe – stock.adobe.com)

CloudZ RAT plugin targets Windows Phone Link for possible OTP theft

Laura FrenchMay 6, 2026

The Pheno plugin monitors active Phone Link connections to eavesdrop on texts and notifications.

Cisco patches critical bugs in Webex, ISE

Steve ZurierApril 16, 2026

Experts warn that the Webex bug may get the headlines, but exploited ISE bugs offer attackers the keys to the kingdom.

Smartphone scam call and phishing concept with unknown caller interface and hacker icon on screen

Vishing attacks on Okta identity systems on the rise

Steve ZurierApril 15, 2026

Vishing attacks target Okta to bypass MFA, enabling broad SSO data access.

Why Passkeys Are Ready for Prime Time in Modern Banking – Ashish Jain – RSAC26 #3

March 25, 2026

Authentication has long required an uneasy tradeoff between strong security and smooth user experience. Banks have relied on a mix of passwords, OTPs, SMS codes, voice calls, and push notifications each with its own vulnerabilities and user experience challenges. Passkeys, built on FIDO standards, finally deliver a phishing resistant, high assuranc...

In a threat intelligence post Thursday, Microsoft said a campaign by APT 33 began in February and used more sophisticated tactics, techniques, and procedures (TTPs) than its previous attacks. (Photo: Fabian Sommer/dpa (Photo by Fabian Sommer/picture alliance via Getty Images)

Workforce identity security: Why you need enterprise password management

Paul WagenseilMarch 11, 2026

Passwords aren't going away any time soon. Here's how to make sure your organization keeps them safe.

Digital fingerprint scanner, scan biometric identity and access

Identity security as app growth accelerates: Why automation is becoming essential

Paul WagenseilMarch 7, 2026

How can you get all those new applications to work with your identity-management systems?

Unlocking Potential Exploring the Power of Large Language Models

Application security

Threat group leverages LLMs to compromise 600 FortiGate firewalls

Steve ZurierFebruary 23, 2026

Amazon Threat Intelligence said the attacks happened over five weeks in 55 countries.

Okta Verify mobile app is seen

Okta warns of multiple vishing attacks that can defeat MFA

Steve ZurierJanuary 23, 2026

Experts say we’ve seen similar attacks in recent Salesforce vishing campaigns tied to ShinyHunters.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.