Thursday, February 25, 2021
  • Assured Data Protection Partners with Confluera to Launch Managed XDR Service
  • Akamai’s New ESG Office: A Catalyst for Environmental and Social Progress
  • Setting Up an Effective Vulnerability Management Policy
  • How Digital Transformation Impacts IT And Cyber Risk Programs
  • Student Cyber Safety Monitoring & Data Privacy

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security Identity & Access SBN News Security Bloggers Network 

Home » Cybersecurity » Data Security » Video-Sharing Platform Targeted by Credential Stuffing Attacks

Video-Sharing Platform Targeted by Credential Stuffing Attacks

by David Bisson on January 28, 2019

Bad actors have targeted a video-sharing technology platform with credential stuffing attacks in order to hijack users’ accounts.

On 25 January, Dailymotion published a statement on its website in which it announced that it had been the subject of “a large-scale computer attack.”

After discovering the digital offensive, Dailymotion’s technical teams implemented various security measures to contain the attack’s scope.

Dailymotion takes a moment in its statement to identify the exact nature of the assault:

The attack consists in “guessing” the passwords of some dailymotion accounts by automatically trying a large number of combinations, or by using passwords that have been previously stolen from web sites unrelated to dailymotion.

Bad actors have numerous data breaches from which to choose for conducting what are generally known as “credential stuffing” or “password reuse” attacks. Take the “Collection #1” data breach, for instance. This security incident exposed approximately 800 million email addresses as well as tens of millions of passwords.

True, the Collection #1 “megabreach” was two or three years old at the time of its discovery, as noted by investigative information security journalist Brian Krebs. But that’s not to say that users who reused their now-compromised credentials across multiple web accounts have updated their passwords. Digital attackers could therefore use those exposed credentials to fuel their credential stuffing attacks, not to mention other types of scam campaigns.

According to Dailymotion’s technical teams, this latest credential stuffing attack is still ongoing. The video-sharing platform is therefore working to definitively end the attack. In the meantime, it’s notified users affected by the campaign and has contacted CNIL (French Data Protection Authority).

Users of Dailymotion and other web services can defend against credential stuffing attacks by using a strong, unique password for each one of their web accounts. They should also enable (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/video-sharing-platform-targeted-by-credential-stuffing-attacks/

January 28, 2019January 28, 2019 David Bisson 2fa, credential stuffing, IT Security and Data Protection, Latest Security News, Password
  • ← OSMF’s (OpenStreetMap Foundation) investigation report on unusual membership signups just before their board elections
  • Facebook to Merge WhatsApp, Instagram, Facebook Messenger by 2020 →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Think Macs Don’t Get Malware? Think Again.
How to Secure Your Cloud Investment
Mitigating Third-Party Supply Chain Breaches
What’s Scarier Than the SolarWinds Breach?
Making the Right Cloud Security Investments
6 Security Methods to Protect You and Your Customers
Surge in ZLoader Attacks Observed
Ransomware Attacks Remain Persistent and Pervasive
Industrial Cybersecurity and the Florida Water Supply Attack with Dale Peterson
From Zero to Zero Trust: Five Tips to Simplify Your Journey

Upcoming Webinars

Thu 25

Quantifiable Application Security: Mining the Value of DevSecOps

February 25 @ 11:00 am - 12:00 pm
Thu 25

3 Supply Chain Attacks from 2020 Not Named SolarWinds

February 25 @ 1:00 pm - 2:00 pm
Mar 09

Zero Trust Journey – A Security Leader’s Story

March 9 @ 11:00 am - 12:00 pm
Mar 15

Don’t Get Attached to Your Attachment!

March 15 @ 9:00 am - 10:00 am
Mar 15

Managing Security in a Decentralized World

March 15 @ 1:00 pm - 2:00 pm
Mar 17

API Security: Everything You Need to Know To Protect Your APIs

March 17 @ 1:00 pm - 2:00 pm
Mar 22

The Main Application Security Technologies to Adopt in 2021

March 22 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The State of Cloud Native Security 2020

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

XDR: Next-Level Prevention and Detection
Analytics & Intelligence Cybersecurity Endpoint Incident Response Industry Spotlight Security Boulevard (Original) 

XDR: Next-Level Prevention and Detection

February 25, 2021 Eyal Gruner | 8 hours ago 0
Breach Clarity Data Breach Report: Week of Feb. 22
Cloud Security Cybersecurity Data Security Endpoint Governance, Risk & Compliance Industry Spotlight Security Boulevard (Original) Threats & Breaches 

Breach Clarity Data Breach Report: Week of Feb. 22

February 24, 2021 Kyle Marchini | Yesterday 0
What’s Scarier Than the SolarWinds Breach?
Cloud Security Cybersecurity Data Security Industry Spotlight Network Security Security Awareness Security Boulevard (Original) Threats & Breaches 

What’s Scarier Than the SolarWinds Breach?

February 23, 2021 Yuval Elddad | 2 days ago 0

Top Stories

Think Macs Don’t Get Malware? Think Again.
Analytics & Intelligence Cloud Security Cybersecurity Endpoint Featured Incident Response Malware News Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Think Macs Don’t Get Malware? Think Again.

February 22, 2021 Richi Jennings | 3 days ago 0
SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs
Analytics & Intelligence Application Security Cloud Security Cybersecurity Data Security Featured Governance, Risk & Compliance Identity & Access Incident Response Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

SolarWinds Hack: ‘All is Well,’ Microsoft Shrugs

February 19, 2021 Richi Jennings | Feb 19 0
Oracle is Said to Help China Find Dissidents and Jail Minorities
Analytics & Intelligence Cyberlaw Cybersecurity Data Security Featured Governance, Risk & Compliance Incident Response News Security Boulevard (Original) Social Engineering Spotlight 

Oracle is Said to Help China Find Dissidents and Jail Minorities

February 18, 2021 Richi Jennings | Feb 18 0

Security Humor

via the comic delivery system monikered Randall Munroe resident at XKCD !

XKCD ‘Mars Landing Video’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.