Attackers breached Okta's support system, stealing session tokens from 18,400 users. Learn the four control failures that enabled the attack, why MFA didn't help, how other organisation avoided compromise and get a security operator checklist with actions to take to protect your organisation.
Reading time 10 Minutes
Executive TL;DR:
A 10-minute phone call cost MGM Resorts $100 million. Learn how attackers bypassed helpdesk security through vishing, what identity controls failed, and actionable steps to prevent similar breaches. Includes timeline analysis, control gap breakdown, and operator checklist for to help protect your organisation.
Reading time 15 Minutes
Executive TL;DR:
» Enterprise vulnerability exposure is fundamentally an operational velocity issue rather than a lack of threat intelligence. Attackers automate internet-wide scanning to weaponize public exploit code in days, while standard corporate change management and testing pipelines still take weeks.
» Traditional defense controls like EDR and SIEM face severe coverage blind spots on the edge devices, network appliances, and unmanaged cloud instances that ransomware operators and state-sponsored groups prioritize for initial access.
» Defenders must close this structural asymmetry by decoupling Known Exploited Vulnerabilities (KEVs) from standard patch cycles, building continuous asset visibility, and establishing pre-approved emergency change workflows.
Reading time 15 Minutes
When organizations patched CitrixBleed in 2023, attackers stayed in. As CISA's April 2026 KEV additions and the unpatched BlueHammer variants keep the pressure on security teams, the same identity governance failure is repeating. This analysis reconstructs exactly where the control system broke and what to check today.
COOKIE / PRIVACY POLICY: This website uses essential cookies required for basic site functionality. We also use analytics cookies to understand how the website is used. We do not use cookies for marketing or personalization, and we do not sell or share any personal data with third parties.