New blog from Okta recommends phishing-resistant methods, restricting privileged accounts, and monitoring anomalies after they observed attackers using social engineering to gain privileged roles, abuse accounts, and impersonate users
https://sec.okta.com/articles/2023/08/cross-tenant-impersonation-prevention-and-detection