Credential Stuffing is an attack where credentials stolen from one or more sites is used at other sites, in the hope that the same credentials were used by users on multiple sites. This post discusses some of the steps consumers and services providers can take to prevent these attacks.
Tag Archive: Privacy
Should you implement HTTP Public Key Pinning (HPKP) for your site? Some reasons I don’t like it in its present form and when it can be acceptable.
The top ten most used passwords on Ashley Madison shows that people have not learned much about using strong passwords, even with all the data breaches that have occurred recently.
What we know and don’t know about the security implemented by Skype and whether Skype calls can be intercepted.
Major credit card breach has been reported involving Global Payments Inc, possibly involving several million accounts.