Credential Stuffing is an attack where credentials stolen from one or more sites is used at other sites, in the hope that the same credentials were used by users on multiple sites. This post discusses some of the steps consumers and services providers can take to prevent these attacks.
Tag Archive: Apps
“Shift left” is the concept of implementing security from the very beginning and continuously validating that the product is secure. This article is about how to shift security left, based on my experience with very large commercial payment applications and how I helped secure them.
Inherent weaknesses in penetration tests and why you should not rely only on them for security.
What we know and don’t know about the security implemented by Skype and whether Skype calls can be intercepted.
The reason Chain-of-Trust is important for software vendors when providing updates and patches.