MAJOR Identity/security platform HACKED

Okta, a major identity management platform that secures the accounts of thousands of large organizations, has been hacked.
Lapsus$, a group of extortion hackers, published photos of someone in control of an Okta administrative account.

The potential fallout, and number of companies this might affect, could be extreme. We dive into the details.

0:00 Preroll
0:47 Intro
1:46 Okta HACKED
3:26 What Is Okta?
6:39 About The Hack
9:44 'Super-user' admin accounts
12:43 Importance of digital identity
16:36 Hack impact
17:09 3rd party SECURITY HOLE!
27:00 Twitter Poll Results
34:08 Privacybeat Quiz Winner - Nico Silva!
39:19 Show Out and Thanks

Brought to you by NBTV members: Sam Ettaro, Will Sandoval, Naomi Brockwell

(tax-deductible in the US)

Sign up for the free CryptoBeat newsletter here:

Beware of scammers, I will never give you a phone number or reach out to you with investment advice. I do not give investment advice.

Visit the NBTV website:

Watch this video on Odysee!

Here are a bunch of products I like and use. Using these links helps support the channel and future videos!

Recommended Books:

Permanent Record - Edward Snowden

No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State - Glenn Greenwald

What has the government done to our money - Rothbard

Extreme Privacy - Michael Bazzel (The best privacy book I've ever read)

Naomi's Privacy Bag: some of my favorite products to help protect your privacy!

USB-C to ethernet adapter:

Lightning to ethernet adapter:

Faraday bag (signal stopping, to protect your fob, credit card, computer, and phone)

Data Blocker (if you're charging your phone in an unknown port, use this so that no data is transferred)

Computer privacy screen (use your computer in public? Keep your information safe! Choose the size right for your computer)

Phone privacy screen (don't let people in public see your private data, choose the size for your phone)

Camera cover (for computers and phones, so no one can access your camera without you knowing)

Privacy Tip: Turn off your Wi-Fi and Bluetooth when you're not using them!!! (or don't use them at all)
Comments

Once we have central bank digital currencies, our identities won’t need to be hacked any more. Protest. Use cash. Don’t comply.

richardwoollaston

Working in an information security division, my boss would always say "you can't outsource risk" - yet this is what most firms seem to flog to companies and specific individuals inside these companies. Often they quietly peddle the notion that you can outsource the risk of being held personally liable for a breach and put a few layers between the decision maker and the problem area; not of protective security but of clear blame and responsibility, at least in the short to medium term. Many firms, agencies, government departments, etc. are loath to go the long route to prosecute this aspect because it's costly financially (and in reputation, liability, exposure, etc.). He argued this is why there's quite so much outsourcing and offshoring of the most critical internal elements of the organisation.
The ROAC model may be broken down in the worst way possible, but this will start to lose favour the more legislation and legal protections evolve; curiously, it's a huge opportunity for 1st world countries to sharply increase their own national security and infrastructure integrity while increasing local economic activity and reputation/assurance levels. Sharply tighten and localise these protection requirements and you end up driving activity and business towards you (with the tax revenue that comes along with this); the UK has been doing this with banking, regulatory and legal frameworks for centuries.
I'd argue that information security and information management (indeed almost all of IT generally) is way behind in this regard; it needs tighter legislative requirements and needs them fast, perhaps not all in one big hit but brought in over a relatively short timeframe, enough to sharply steer strategic and C-suite-level decisions.
Break down the quietly implied parts of service marketing with some clear and strong legislation and bingo, you get much more local control, authority, economic activity, expertise, responsiveness, local responsibility and local ownership of the industry itself. Keep your friends close, your enemies closer and your infrastructure even closer than that, as it were.

davocc

It's almost like we need federal regulations mandating that the only person who can own a user's data is themselves, and protecting that data like HIPAA does.

middle_pickup

Great post Naomi. Much love, care and blessings to you and your team/ channel. Stay safe, free, happy and healthy my friend. 😇💪🥰🤗💛

gefginn

Yes, definitely heard of Okta. We considered using them for MFA, because I work with some educational institutions and Okta has quite a footprint in that vertical, but ended up sticking with Microsoft (Azure AD SSO) + MFA + Duo Security.

chloefletcher

You make a good point Naomi; maybe we need a good 4 or 5 digital identities so nobody really knows who we are.

j

I'm familiar with Okta. So this is going to hurt a bit, on an enterprise level. Ouch 😬

Jonesybabie

I came for the accent, stayed for the info...grazie!

esoteric_teachings

Gosh, a giant central database of secrets. What an extraordinarily bad idea. Maybe someone should fix that. Again. Still.

IndSovU

If someone broke into your google account you would be in deep shit.

RCohle

pen and paper to remember passwords ....fork sake..

pitmanncb

I would love to hear your opinion on the many companies offering identity protection services that claim to remove your personal information from data broker websites... I'd love to see a video on reclaiming your information and dealing with data brokers. Thanks!

smcla

Selection bias, yes. Naomi's Twitter followers are almost always going to be security aware.

iangreen

We're a global HR company and use Okta at work to SSO 😱

pineapple-on-pizzas

All the universities in Australia use Okta as a single sign-on solution.

RCohle

I’m not sure you understand the Twitter hack

razadaza

"Cyber is the real domain of power." ~ former Israeli Prime Minister Benjamin Netanyahu.

RCohle

I'm certain that I'll get a slagging for this; there is nothing like a good 'ole negative comment for the slagging to begin from the fan boys. I just have to add my two pence worth after watching the entirety of your video... I feel that I've earnt it 🤭. In the first third of your video, you overuse the phrase 'dive in'. Generally yes Naomi, you do cover some good points, but a forty-odd minute video could easily be condensed into around 10 minutes. I'm still wondering if your audience is actually listening to what you're saying or just having random thoughts about you? 🥰🙄🤫 Ultimately, there can never be total security; it's the triangle of security, usability and functionality. I did however like that you were publicising to your audience about not using certain online sites/services. I'd guess it'll fall on deaf ears for the majority but it's still good to hear. Now I'm done, thank you for taking the time to read this and let the slagging commence! 🤪 EDIT: and I get your point, it's generally about educating the masses.

TheRobMozza