Data Breaches and Credential Stuffing: Don’t Get TKOd

Share and earn Cybytes
Facebook Twitter LinkedIn Email

It has been a very rough month for the information security community.  It feels like we’ve been on the losing end of a championship fight against Floyd Mayweather.

The body shots started with Equifax and continued with attacks on the US Government. The assault included a couple of combination shots as Equifax expanded the scope of their breach by adding millions of additional impacted accounts and as reports emerged that this was not the first breach for Equifax in 2017.

Then came a left hook when Yahoo updated users that the previously described breach impacting only ~ 1 billion users in fact impacted all ~3 billion Yahoo accounts.  It should be noted that Yahoo suffered several breaches, but this week’s announcement is not a fresh breach.  Rather, Yahoo’s investigation has concluded that the previous breaches were larger than previously suspected and they are disclosing those details.

Yahoo’s disclosures have explained that the billions of user passwords were hashed with MD5 and apparently were not salted, making it much easier and less expensive for an adversary to recover in plain text.

Read the rest of the blog here >

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Akamai Technologies
If you've ever shopped online, downloaded music, watched a web video or connected to work remotely, you've probably used Akamai's cloud platform. Akamai helps businesses connect the hyperconnected, empowering them to transform and reinvent their business online. We remove the complexities of technology so you can focus on driving your business faster forward – enabling you to embrace trends like cloud, mobile and media, while overcoming the challenges presented by security threats and the need to reach users globally. Customers trust our cloud platform to securely deliver high-performing user experiences to any device, anywhere. Reaching globally and delivers locally, The Akamai Intelligent Platform™, provides customers with unmatched reliability, security, and visibility into their online businesses.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?