Okta users under attack: Modern phishing kits are turbocharging vishing attacks

Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing attackers to control the authentication flow in a targeted user’s browser in real-time. At least two custom-made phishing kits are currently used by a number of threat actors that go after credentials and authentication factors to gain access to corporate systems and assets. “These custom kits are made available on an as-a-service …