Vishing-Based Compromise at Optimizely Highlights Identity Risk
-
Vishing-Based Compromise at Optimizely Highlights Identity Risk
Attackers gained access via voice phishing, targeting SSO-linked systems and CRM records.
No confirmed privilege escalation, but exposure of business contact data reinforces how social engineering bypasses perimeter defenses.
Activity patterns resemble ShinyHunters campaigns abusing MFA prompts and OAuth 2.0 device authorization flows.
Common post-access targets include Salesforce, Microsoft 365, Google Workspace, Slack, SAP, Atlassian - wherever SSO tokens provide lateral access.
Identity is the control plane. Once tokens are compromised, downstream exposure scales quickly.
Is your organization monitoring abnormal device code authentication and token issuance events?
Engage below.
Follow @technadu for actionable threat intelligence.#Infosec #Vishing #OAuth #IAM #SSO #ZeroTrust #ThreatHunting #SOC #IdentitySecurity #CyberRisk
-
R relay@relay.infosec.exchange shared this topic
