Critical Security Update: January 23, 2026 (Okta Single Sign-On (SSO) Authentication, Microsoft Teams, Lastpass, Tesla)
Risk 1: High
Issue: Okta, one of the largest providers of Single Sign-On (SSO), has announced an increased risk in using certain forms of SSO protocols. SSO allows you to sign on to a website or service and then use those same credentials to “automatically” sign on to another site or service. An example of SSO is the “Sign on with Google” button.
The protocols at heightened risk include e-mail and SMS/text authentication as well as authenticator apps with push and one-time codes. New phishing attempts are targeting all of these methods at a rapid pace.
With all SSO requests, even those linked to multi-factor authentication protocols, there is now an increased risk that users may not recognize, given the unique way the attacks use local computer code (scripts) to run.
Resolution: SSO is no longer considered a ‘safe’ method for authentication. Users should begin using phishing-resistant methods such as hardware keys (for example, YubiKey) or passkeys.
But keep in mind that both hardware keys and passkeys have vulnerabilities of their own. So, ideally, the more methods you can add, especially for critical systems, the better.
Risk 2: Warning
Issue: Microsoft is adding a fraud detection feature to Teams that will notify users receiving incoming calls/messages if there is a heightened risk of fraud or impersonations.
Resolution: This is just a warning in case you notice something being flagged differently within Microsoft Teams.
Risk 3: Medium
Issue: Phishing attacks using LastPass branding and messaging are increasing in circulation. They present urgent alerts requesting that users follow a link to reset their password vault password (yes, you read that correctly). Upon clicking the link, the code collects their credentials, allowing a malicious actor to gain access to their entire password vault.
Important note: This is not a vulnerability within LastPass; it is a phishing attack using their branding.
Resolution: Non-LastPass users should just ignore any message received for a service they do not use.
LastPass users should not rely upon e-mail communications to warrant a vault password change or review. Keep in mind, Financial Guardians has already issued a warning that users should migrate away from LastPass.
Risk 4: Low
Issue: This one is more for acknowledgement than anything, but during a recent competition, there were 37 new vulnerabilities discovered in the Tesla automotive ecosystem (within their mobile app, their car operating system, and their hosted system).
Resolution: At this time, Tesla is continuing to work on evolving their systems; however, Tesla users should remain ever aware of the ongoing security issues related to their vehicle.
Announced Data Breaches
Fortinet
Zendesk
PcComponentes
Privacy Wins & Updates
n/a