#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Credential stuffing | Breaking Cybersecurity News | The Hacker News

Category — Credential stuffing
Lessons from the Snowflake Breaches

Lessons from the Snowflake Breaches

Jun 12, 2024 Data Breach / Identity Management
Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of a live event company's clientele, igniting a firestorm of concern and outrage.  Let's review the facts: two large organizations announced that they suffered a data breach, identifying unauthorized activity within a third-party cloud database environment. The accessed business records contained critical information on some employees, a large number of customers and other key business data.  The cloud connection  What might link these two breaches is the cloud data company Snowflake, which counts among its users both organizations. Snowflake did publish a warning with CISA , indicating a "recent increase in cyber threat activity targeting customer accounts on its cloud data platform." Snowflake issued a recommendation
Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

May 30, 2024 Credential Stuffing / Incident Response
Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. "We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for a number of our customers," the Identity and access management (IAM) services provider said . The suspicious activity commenced on April 15, 2024, with the company noting that it "proactively" informed customers that had the feature enabled. It did not disclose how many customers were impacted by the attacks. Credential stuffing is a type of cyber attack in which adversaries attempt to sign in to online services using an already available list of usernames and passwords obtained either from previous data breaches, or from phishing and malware campaigns. As recommended actions, users are being asked to review tenant logs for any signs of unexpected login events –
Cyber Story Time: The Boy Who Cried "Secure!"

Cyber Story Time: The Boy Who Cried "Secure!"

Nov 21, 2024Threat Detection / Pentesting
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation (ASV) tools?" We've covered that pretty extensively in the past, so today, instead of covering the " What is ASV?" I wanted to address the " Why ASV?" question. In this article, we'll cover some common use cases and misconceptions of how people misuse and misunderstand ASV tools daily (because that's a lot more fun). To kick things off, there's no place to start like the beginning. Automated security validation tools are designed to provide continuous, real-time assessment of an organization's cybersecurity defenses. These tools are continuous and use exploitation to validate defenses like EDR, NDR, and WAFs. They're more in-depth than vulnerability scanners because they use tactics and techniques that you'll see in manual penetration tests. Vulnerability scanners won't relay hashes or combine vulnerabilities to further attacks, whic
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks

Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks

Apr 28, 2024 Credential Stuffing / Data Breach
Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services. These unprecedented attacks, observed over the last month, are said to be facilitated by "the broad availability of residential proxy services, lists of previously stolen credentials ('combo lists'), and scripting tools," the company  said  in an alert published Saturday. The findings build on a  recent advisory  from Cisco, which cautioned of a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies," Talos noted at the time, adding targets of the attacks comprise VPN appliances from Cisco, Check Point, Fortinet, Soni
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
What's the State of Credential theft in 2023?

What's the State of Credential theft in 2023?

Aug 16, 2023
At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The  2023 Verizon Data Breach Investigations Report (DBIR)  revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated. Of these breaches by external actors, 49% involved the use of stolen credentials.  We'll explore why credential theft is still such an attractive (and successful) attack route, and look at how IT security teams can fight back in the second half of 2023 and beyond. Users are still often the weak link The hallmarks of many successful cyberattacks are the determination, inventiveness, and patience threat actors show. Though a user may spot some attacks through security and awareness training, it only takes one well-crafted attack to catch them. Sometimes all it takes is for a user to be
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins

The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins

Jun 23, 2023 Web Security / Browser
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of browser fingerprinting? You should! It's an online user identification technique that collects information about a visitor's web browser and its configuration preferences to associate individual browsing sessions with a single website visitor.  With browser fingerprinting, many pieces of data can be collected about a user's web browser and device, such as screen resolution, location, language, and operating system. When you stitch these pieces together, they reveal a unique combination of information that forms every user's visitor ID or "digital fingerprint." Websites can use the visitor ID in various ways, including personalizing the user's experience, improving fraud detection, and optimizing login security. This article discusses the case for browser fingerprinting and how to use it safely on your websi
Expert Insights / Articles Videos
Cybersecurity Resources