Data Source: Okta System Logs | Detection.FYI

Potential Okta MFA Bombing via Push Notifications

Sep 11, 2025 · Domain: Identity Use Case: Identity and Access Audit Tactic: Credential Access Data Source: Okta Data Source: Okta System Logs Resources: Investigation Guide ·
Share on:

Detects when an attacker abuses the Multi-Factor authentication mechanism by repeatedly issuing login requests until the user eventually accepts the Okta push notification. An adversary may attempt to bypass the Okta MFA policies configured for an organization to obtain unauthorized access.

Read More
Potentially Successful Okta MFA Bombing via Push Notifications

Sep 11, 2025 · Domain: Identity Use Case: Identity and Access Audit Tactic: Credential Access Data Source: Okta Data Source: Okta System Logs Resources: Investigation Guide ·
Share on:

Detects when an attacker abuses the Multi-Factor authentication mechanism by repeatedly issuing login requests until the user eventually accepts the Okta push notification. An adversary may attempt to bypass the Okta MFA policies configured for an organization to obtain unauthorized access.

Read More