website: fix blog title quotation

also fix typo

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-10-24 02:02:48 +02:00
parent 04d27cbcb6
commit 6f67c1a277
No known key found for this signature in database

View file

@ -1,6 +1,6 @@
---
title: “Okta got breached again and they still havent learned their lesson”
description: “HAR files uploaded to Okta support system contained session tokens.”
title: "Okta got breached again and they still havent learned their lesson"
description: "HAR files uploaded to Okta support system contained session tokens."
slug: 2023-10-23-another-okta-breach
authors:
- name: Jens Langhammer
@ -49,7 +49,7 @@ Similarly, the support team at Okta was used as entry point. Once the hacker gai
The timing of Okta's response, not great. The initial denial of the incident, not great. And then, add insult to injury, theres what can objectively be labeled an [abysmal “announcement” blog](https://sec.okta.com/harfiles) from Okta on October 20.
Everything from the obfuscatory title to the blogs brevity to the actual writing… and importantly, the lack of any mention at all of BeyondTrust, the company that informed Okta on Octover 2nd that they suspected a breach of the Okta support system.
Everything from the obfuscatory title to the blogs brevity to the actual writing… and importantly, the lack of any mention at all of BeyondTrust, the company that informed Okta on October 2nd that they suspected a breach of the Okta support system.
> “_Tracking Unauthorized Access to Okta's Support System_” has to be the lamest of all confession titles in the history of security breach announcements.