#Coinbase says some employees’ information stolen by hackers-TechCrunch

Coinbase has confirmed that it was briefly compromised by same attackers that targeted Twilio, Cloudflare, DoorDash, & more than a hundred other orgs last year

In a post-mortem of the incident, Coinbase said that the so-called ‘0ktapus’ hackers stole the login credentials of one of its employees in an attempt to remotely gain access
#oktapus

https://techcrunch.com/2023/02/21/0ktapus-coinbase-stolen-employees-information/

Would You Accept an Inconvenience To Prevent a Data Breach?

Addressing the rise in credential and session compromise
~~~~~~
by Teri Radichel | Jan, 2023
#cloudsecurity #iam #mfa #separationofduties #securityarchitecture #circleci #oktapus

https://medium.com/cloud-security/would-you-accept-an-inconvenience-to-prevent-a-data-breach-f0df9de628e9

AWS CLI for an SSO User
ACM.127 AWS CLI commands with an AWS SSO (AWS Identity Center) session — threat modeling and attack surface
~~~~~~~~~
by Teri Radichel | Jan 9, 2023
#cloudsecurity #sso #iamidentitycenter #iam #phishing #oktapus #cybersecurity #aws

https://medium.com/cloud-security/aws-cli-for-an-sso-user-156893beec44

Oktapus:
Reviewing one of the most dangerous attacks in 2022 to design an authentication system less susceptible to attack
~~~~~~~~~~~~~~
by Teri Radichel | Jan. 4, 2023
#cloudsecurity #databreach #oktapus #mfa #encryption #networksecurity

https://medium.com/cloud-security/oktapus-7a58e4dbc1d8