Okta has detected a significant increase in credential stuffing attacks facilitated by the availability of proxy services like TOR, residential proxies, and stolen credentials, leading to a surge in attacks targeting VPNs, web application interfaces, and SSH services. With attacks originating from anonymizing services and mobile devices turned into residential proxies, Okta advises organizations to implement strong passwords, two-factor authentication, location-based restrictions, and passkeys to enhance security measures against account takeovers.
https://thehackernews.com/2024/04/okta-warns-of-unprecedented-surge-in.html