At this stage, it’s merely a scenario of utilizing the self company password reset functionality for Okta or Entra (which you can get close to because you now possess the MFA issue to confirm by yourself) and voila, the attacker has taken control of the account. ??? ???? ???? ?? ? ???? ??? ???? ??? ?????. ??? ?? ?? ?? ? ?? ??? ???? ? ??, ??, ???