credential stuffing
SEC’s Office of Compliance Inspection and Examinations Warns of a Sudden Increase in Credential Stuffing Hack
Recently, the Securities and Exchange Commission’s exam division issued a Risk Alert (the “Alert”) where it carried out several targeted cybersecurity investigations. The agency is now concerned with how there’s been an ...
The North Face resets passwords after credential-stuffing attack
An undisclosed number of customers of outdoor clothing retailer The North Face have had their passwords reset by the company, following a credential-stuffing attack. The company has revealed that on October 9, ...
Dunkin’ Donuts Will Pay Over Half a Million Dollar Fine After Data Breach Lawsuit
Dunkin Donuts has agreed to pay $650,000 as penalty settlement costs for the lawsuit over its failure to respond to credential stuffing attacks that compromised customer accounts between 2015 and 2019. What ...
The Skinny on Password Attacks
Thousands of Canadian citizens are at risk of identity fraud after cybercriminals used stolen credentials to access government services including COVID-19 relief funds. The source of the breach was a credential stuffing ...
Cybercriminals Make Millions Selling Stolen Fortnite Accounts, New Research Shows
Thousands of stolen Fortnite accounts are selling like hotcakes in underground marketplaces, amassing around $1.2 million a year for cybercriminals, a new report shows. The Fortnite Underground Cybercrime Economy report sheds light ...
Credential Stuffing Attacks Targeted GCKey, CRA Accounts
Malicious actors launched credential stuffing attacks that targeted Canada’s GCKey service and Canada Revenue Agency (CRA) accounts. On August 15, the Treasury Board of Canada Secretariat announced that the Government of Canada ...
Canada Revenue Agency Discloses Credential Stuffing Attack on 5,500 Service Accounts
A credential stuffing attack targeting Canada Revenue Agency (CRA) accounts has forced the government tax collector to suspend its online services over the weekend. The compromised accounts were linked to the GCKey ...
Are Businesses Unprepared to Fight Bot Attacks?
Businesses know bots present a big threat to their security and sensitive data. But they’re not doing nearly enough to mitigate the problem, according to new research from Netacea, which looked at ...
F5 BIG-IP Exploit, WiFi Router Security Updates, Password Reuse
In episode 129 for July 13th 2020: Impact of the F5-BIG-IP critical vulnerability, security updates and your WiFi router, and details about new research that shows how billions of compromised credentials are ...
Kasa Camera Vulnerability Discovery: Responsible Disclosures Feel Like Groundhog Day, Again
When APIs Say Too Much As a Midwesterner and hobby farmer I spend a lot of time solving problems. A few months ago I encountered a problem where a live 2-month-old cucumber ...
