This research by Okta highlights the issue of users recycling passwords: Okta: Credential stuffing accounts for 34% of all login attempts (bleepingcomputer.com) There were more login attempts by threat actors than legitimate ones! They were just trying out passwords to see if someone was stupid, (sorry if you do not …
Technology in Schools
I have a friend from the MSc course, who is a teacher here in the UK, and he is often caught by the schools very high security stance, when he is trying to teach cyber security to his students. Many of the legitimate sites and resources he wants access to …
Credential theft – where the threat actors start and some advice
Collecting (stealing) credentials is a favourite pastime of threat actors – either to break into accounts directly or to add them to their credential stuffing attacks (looking for those people who reuse passwords) or just to sell on the dark web! Here they are doing it to users of the …
Continue reading “Credential theft – where the threat actors start and some advice”
FBI Credential Stuffing warning
The reuse of password by users is still probably the most common cyber security mistake organisations and individuals make – making a credential stuffing attacks profitable for threat actors. Once a threat actor has gathered their lists of credentials then they – or rather their automated tools will attempt to …