Tag: Credential stuffing
Overview Blackguard Infostealer is a malware strain that was first discovered infecting Windows devices at the start of 2022. Other security researchers have already documented how the malware operates and its dissemination via underground Russian crimeware forums., This article aims to expand on existing research by exploring its data exfiltration capabilities in greater detail. Blackguard…
Read MoreIntroduction In part one of this two-part series, we define digital identity and explore the attack vectors cybercriminals use at each stage in the identity lifecycle. Everything that we do as individuals has found its way into the digital world. From communicating with friends to purchasing good or services—even getting an education and managing investments…
Read MoreWhat Is Credential Stuffing? Credential stuffing occurs when a cybercriminal obtains a large number of stolen or leaked login credentials—username and password pairs—for one website and tests them on the login pages of other websites. The attacker’s goal is to gain unauthorized access to as many user accounts as possible and then carry out other…
Read MoreWelcome back to the Sensor Intelligence Series, our recurring monthly summary of vulnerability intelligence based on distributed passive sensor data. We’ll start off this month’s analysis with a look at some activity from the August dataset, which demonstrates some of the oddities we occasionally see, and then dig into the changes we saw in September…
Read MoreFrom January to April 2023, Healthcare had the highest levels of unwanted Web automation. However, this automation saw a significant decrease in May 2023 before rebounding in June. The Hospitality industry has seen a steady increase in automation starting off as the eighth most targeted industry in January 2023 with 11.7% automation. This peaked in…
Read MoreIn contrast, identity providers in media, retail, and travel tended to see higher overlap, particularly among bot traffic in the travel industry. (High overlaps for aggregators in media and retail are skewed by a comparatively miniscule number of accounts submitted.) The technology industry showed narrow distributions for all three categories, which partly reflects the fact…
Read MoreIntroduction Much of the activity on the internet is automated, and quite a lot of it is specifically due to bots. Bots can be used for many purposes, but in this series of articles we’ll be looking at bots that create and use fake accounts. This first article looks at the motivations behind fake account…
Read MoreWelcome to the dedicated Executive Summary for our 2023 Identity Threat Report. Here we’ve brought together the bullet-list style summary that opens the full report, as well as a few curated selections and charts to get immediately to the “what do I need to know” of it all. And of course, if you want to…
Read MoreOverall Scanning Traffic Changes Lest the downward trend shown in Figure 2 makes it seem like overall scanning traffic may be abating, it’s important to note that the volume of scanning we observed has remained relatively constant, at least over the last three months, increasing by approximately 5.1% from August to September, then falling approximately…
Read MoreIn part two of this multi-part series on fake account creation bots, we look at why automation is used to create fake accounts and how they impact businesses. What is a Fake Account Creation Bot? A fake account creation bot is an automated computer program designed to create large numbers of fake accounts inside online…
Read More