Tag: Brute force attack
This is the full-spectrum, director’s cut version of the Application Protection Report, untrammeled by petty concerns like brevity or toner prices (for the shorter version, please see our Summary). This report pulls together the various threats, data sources, and patterns in the episodes into a unified line of inquiry that began in early 2019, picking…
Read MoreCredential Stuffing Causes Outages It’s not hard for attackers to find poorly defended web logins. Many sites often have only a basic web application firewall (WAF), or nothing at all. Many WAFs do not detect or defend against credential stuffing attacks. In general, WAFs are designed to block application attacks, malformed requests, and web exploits.…
Read MoreThe sight of empty supermarket shelves during the COVID-19 pandemic brought home the fragility of our food supply chain. We can all see the importance of ensuring the security of the farming and agriculture industry. However, farming is becoming increasingly automated. This means new cybersecurity risks are emerging to stand alongside traditional risks like the…
Read MoreDuring this period, a campaign of blackmail attempts claimed to be from the Russian advanced attacker Fancy Bear. Their attack opened with a small DDoS attack as a demonstration, followed by a payment demand for hundreds of thousands of dollars. Pay up or they will “make sure your services will remain offline until you pay.”…
Read MoreWherever there is Internet, there are businesses looking to take advantage of the twenty-first century gold rush: data collection. Cybercrime is no exception. Attackers focus on breaching applications to collect data on Internet users and then monetize that data in darknetAn encrypted network that runs on the Internet, enables users to remain anonymous, and requires…
Read MoreIdentifying Trends in Recent Cyberattacks Web attacks vary quite a lot—by target, technique, objective, and attacker—which makes it difficult for a system owner to assess the instantaneous risk to their particular combination of systems until they’re attacked. To help defenders anticipate the risks they face, we analyzed several months’ worth of global honeypot traffic from…
Read MoreIn the fall of 2020, many countries began to require that travelers test negative for the new coronavirus before crossing their borders. As with anything of value, a black market soon emerged. Travelers could illicitly purchase forged negative COVID-19 test results and try to fake their way through the checkpoint. Goodness knows, we’ve already seen…
Read MoreReasons for Credential Spills In some of the incidents, organizations were willing and able to disclose the reason credentials were compromised. While every incident is a little different, we’ve highlighted a few here that are particularly instructive (or just frustrating). In short, there’s no shortage of opportunity, even for unsophisticated threats. A Breach from Beyond…
Read MoreAccounting for the slight dip in 2019, password login attacks account for 32% of all reported SIRT incidents over the past three years. We also saw how they jumped in 2020, so we did a deeper dive into how these kinds of cyberattacks ramped up during the pandemic. Credential Stuffing Attacks at Financial Services Organizations…
Read More
APIs and Sectors As more APIs are published, both by large enterprises who want to make their data more available (such as Google) and by smaller, industry-specific organizations hoping to generate value, some interesting industry patterns are also emerging. Of the organizations for which we had sector information, social networking organizations made up the largest…
Read More