Sizing Up The Scourge of Credential-Stuffing

Discussion in 'other security issues & news' started by Minimalist, Jul 20, 2018.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,162
    Location:
    Here
    https://threatpost.com/threatlist-sizing-up-the-scourge-of-credential-stuffing
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Operator at kayo.moe found a 42M Record Credential Stuffing Data ready to use
    September 14, 2018
    https://securityaffairs.co/wordpress/76195/hacking/credential-stuffing-data.html
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Credential Stuffing Attacks Generate Billions of Login Attempts
    September 19, 2018
    https://www.bleepingcomputer.com/ne...-attacks-generate-billions-of-login-attempts/
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Hackers Breach Dunkin’ Donuts Accounts in Credential Stuffing Attack
    November 29, 2018
    https://threatpost.com/hackers-breach-dunkin-donuts-accounts-in-credential-stuffing-attack/139472/
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Credential stuffing attack focuses on glasses retailer Warby Parker
    December 21, 2018
    https://www.scmagazine.com/home/sec...ack-focuses-on-glasses-retailer-warby-parker/
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    DailyMotion discloses credential stuffing attack
    DailyMotion falls to credential stuffing attack two weeks after Reddit had the same faith
    January 27, 2019

    https://www.zdnet.com/article/dailymotion-discloses-credential-stuffing-attack/
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Basecamp Fights Off Mass Login Attempt With Quick Cyber Response
    February 1, 2019
    https://www.cbronline.com/news/basecamp-fights-off-mass-login
     
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Dunkin' Donuts accounts compromised in second credential stuffing attack in three months
    Hacked Dunkin' Donuts accounts are now being sold on Dark Web forums
    February 12, 2019

    https://www.zdnet.com/article/dunki...d-credential-stuffing-attack-in-three-months/
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Tax Returns Exposed in TurboTax Credential Stuffing Attacks
    February 22, 2019
    https://www.bleepingcomputer.com/ne...osed-in-turbotax-credential-stuffing-attacks/
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    75,866
    Location:
    Texas
    TurboTax Hack: Intuit Says There Was No Data Breach, Users Are Not at Risk
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Retailers have become the top target for credential stuffing attacks
    February 27, 2019
    https://www.zdnet.com/article/retailers-have-become-the-top-target-for-credential-stuffing-attacks/
    Akamai: 2019 State of the Internet: Retail Attacks and API Traffic
    (PDF - 11.0 MB): https://www.akamai.com/uk/en/multimedia/documents/state-of-the-internet/state-of-the-internet-security-retail-attacks-and-api-traffic-report-2019.pdf
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Credential stuffing attacks target media streaming services
    April 8, 2019
    https://betanews.com/2019/04/08/credentialstuffing-media-services/
    Akamai: Streaming Services Among The Most Targeted By Credential Stuffing Attacks According To Akamai Report
    (PDF - 4.23 MB) https://www.akamai.com/uk/en/multimedia/documents/state-of-the-internet/soti-security-credential-stuffing-attacks-and-economies-report-2019.pdf
     
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    75,866
    Location:
    Texas
    How Nest, designed to keep intruders out of people’s homes, effectively allowed hackers to get in
     
  14. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    The Economy of Credential Stuffing Attacks
    April 25, 2019
    https://www.recordedfuture.com/credential-stuffing-attacks/
    The Economy of Credential Stuffing Attacks (PDF - 4.22 MB): https://go.recordedfuture.com/hubfs/reports/cta-2019-0425.pdf
     
  15. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    After account hacks, Twitch streamers take security into their own hands
    Twitch has an account hacking problem
    April 30, 2019

    https://techcrunch.com/2019/04/30/twitch-account-hacks/
     
  16. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Credential Stuffing Costs Firms $4m Each Year
    April 30, 2019
    https://www.infosecurity-magazine.com/news/credential-stuffing-costs-firms-4m/
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,162
    Location:
    Here
    What is credential stuffing, and why is my smart security camera vulnerable to it?
    https://blog.avast.com/credential-stuffing-and-web-cams
     
  18. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Hackers access data from more than 460,000 accounts at Uniqlo’s online store
    May 14, 2019
    https://www.cnbc.com/2019/05/14/jap...-access-data-from-460000-online-accounts.html
    English version of the statement:
    Unauthorized Logins on Fast Retailing Online Store Websites due to List Type Account Hacking and Request to Change Password
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,162
    Location:
    Here
    Gaming industry has become popular target of credential stuffing attacks: study
    https://www.scmagazine.com/home/sec...-target-of-credential-stuffing-attacks-study/
     
  20. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    TripAdvisor Invalidates Member Passwords Found in Data Breaches
    June 22, 2019
    https://www.bleepingcomputer.com/ne...ates-member-passwords-found-in-data-breaches/
    Dear TripAdvisor Traveler,

    As part of our ongoing efforts to protect your security, TripAdvisor recently compared our member databases with lists of publicly leaked passwords. Unfortunately, your email and password were included on a list of leaked passwords. As a result, to protect your TripAdvisor account we have invalidated your password.

    We recommend that you create a strong password that includes:

    * A unique combination of words, numbers, symbols, and both upper- and lower-case letters
    * A minimum of eight (8) characters
    * No commonly used words

    Please visit the following page to create a new password for your account:

    https://www.tripadvisor.com/MemberForgotPassword

    In addition, we recommend that you take additional steps for the safety of your other online accounts. If your discontinued TripAdvisor password is used on any other site or app, change your password on those sites/apps — and avoid using any password on more than one site.

    Thank you for being a valued part of our community, and for taking a moment to create a new password. If you have questions about any of this information, please contact us at loginsupport@tripadvisorsupport.com

    Best Regards,
    The TripAdvisor Team
     
  21. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Deliveroo Accounts Are Being Hacked And Sold For Just $6
    July 24, 2019
    https://www.forbes.com/sites/thomas...nts-hacked-and-sold-on-dark-web/#4fdbfd342ff5
     
  22. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    Gamers Are Easy Prey for Credential Thieves
    July 26, 2019
    https://threatpost.com/gamers-are-easy-prey-for-credential-thieves/146700/
     
  23. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    17,505
    DNForum Sends Out Password Reset
    July 26, 2019
    https://domaininvesting.com/dnforum-sends-out-password-reset/
     
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,162
    Location:
    Here
  25. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    12,162
    Location:
    Here
    Cyber criminals launched 3.5 billion malicious login attempts in just 18 months - Akamai
    https://www.computing.co.uk/ctg/news/3079911/financial-sector-cyber-crime
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.