Despite claims that Okta's CORS policies and device matching can stop AiTM phishing attacks, our research proves otherwise. We demonstrate how attackers can easily modify Evilginx configurations to bypass these controls and steal session cookies—even with MFA enabled. Learn why traditional security measures fall short against sophisticated phishing and what actually works: phishing-resistant MFA like Okta FastPass, proactive domain monitoring, and robust ITDR solutions. Link in comments.
Fantastic insights.
Principal Information Security Engineer @ RGA
Was reading about this on vector on Push Security last month. Interesting and really great use case for fast pass via Okta. If that fails as it should I’d imagine 90%+ of users will just use push.