Collaborate Disseminate
One of the problems with imitation attacks such as sophisticated credential stuffing is that they are designed to blend in with legitimate traffic. How can you measure something that you can’t detect? Fear-mongering marketing compounds this probl… Continue reading What your login success rate says about your threat surface
Instagram users have been receiving odd messages from followers expressing shock that their accounts have somehow ended up on something called the “Nasty List.” Continue reading Watch out! Don’t fall for the Instagram ‘Nasty List’ phishing attack
Let’s play a game. Below are clues describing a specific type of cyberattack; can you guess what it is? This cyberattack is an automated bot-based attack It uses automation tools such as cURL and PhantomJS It leverages breached usernames and pas… Continue reading Can You Crack the Hack?
As technology advances and the costs of connecting electronic components to the internet decreases, the lower the cost of having an internet connected smart home is. Sensors placed throughout a house and integrated into home appliances can provide home… Continue reading The Risk of Credential Stuffing to the Smart Home
In our industry, the term bot applies to software applications designed to perform an automated task at a high rate of speed. Typically, I use bots at Radware to aggregate data for intelligence feeds or to automate a repetitive task. I also spend a va… Continue reading Bots 101: This is Why We Can’t Have Nice Things
Gnosticplayers has released about 26 million records from what he said are breaches of six new companies. Continue reading Fourth Major Credential Spill in a Month Hits DreamMarket
A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit. Continue reading Purveyor of Cracked Netflix, Hulu, Spotify Accounts Arrested
This is your Shared Security Weekly Blaze for February 18th 2019 with your host, Tom Eston. In this week’s episode: Preventing illegal robocalls, should you be scared of your laptop’s webcam, and recent hacks of popular dating apps. Silent … Continue reading Preventing Illegal Robocalls, Webcam Spying, Dating App Account Hacking – WB56
Dunkin’ Donuts may have just launched its first double-filled doughnut, but another doubling up is not quite as tasty. The chain has suffered its second credential-stuffing attack in three months. Like the first incident, the attack targeted past… Continue reading Double-Stuffed: Dunkin’ Hit by Another Credential-Stuffing Attack
Dunkin’ Brands Inc. (“Dunkin’”) said that bad actors recently used credential stuffing attacks to target some DD Perks accounts. Kari McHugh, senior director of customer relations at Dunkin’, wrote in a sample letter sent to the… Continue reading Dunkin’ Says Credential Stuffing Attacks Targeted DD Perks Accounts