SlowMist Chief Information Security Officer 23pds posted that Okta allows any username longer than 52 characters to bypass login! According to the announcement from identity and access management software provider Okta, on October 30 a vulnerability was discovered internally in the generation of the cache key for AD/LDAP DelAuth. The Bcrypt algorithm is used to generate the cache key, where we hash a combined string of userId + username + password. Under certain conditions, this can allow users to ...
Gaurav, CTO of the Solana ecosystem DePIN protocol io.net, said in an X post, "The Auth0 process of Okta, a third-party authentication provider on the worker node, encountered problems because io.net reached the rate limit on the Okta side, resulting in a limited authentication rate. Some devices may encounter problems accessing the API and experience potential connection failures. Suspected malicious users may impersonate io.net and attack Okta, which in turn affects io.net authentication solution...
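Gaurav, CTO of the Solana ecosystem DePIN protocol io.net, posted on X: "The Auth0 process of Okta, the third-party authentication provider on the worker nodes, ran into problems because io.net reached the rate limit on the Okta side, which limited the authentication rate, and some devices may run into problems accessing the API and experience potential connection failures. It is suspected that malicious users may be impersonating io.net and attacking Okta, which in turn affects io.net's authentication solution. io.net is actively working with Okta to resolve this issue and to prevent such...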
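io.net CEO and founder Ahmad Shadid posted on X that the io.net metadata API suffered a security incident: the attacker exploited an accessible mapping from user IDs to device IDs, which led to unauthorized metadata updates. The vulnerability did not affect GPU access, but it did affect the metadata that the front end displays to users. io.net does not collect any PII and will not leak sensitive user or device data. io.net's system design allows...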