1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sentry MBA makes credential stuffing attacks easy and cheap

Discussion in 'CSO' started by RSS, Mar 17, 2016.

  1. RSS

    RSS New Member Member

    A new report released by Shape Security yesterday details how the Sentry MBA tool makes credential stuffing attacks more widely available to cybercriminals.

    The traditional "brute force" method of breaking into a user account requires the attacker to try numerous combinations of login ID and password. It's a difficult, time-consuming process. Plus, defending organizations have learned to stop these kinds of attacks by blocking multiple attempts to log into the same account, or multiple login attempts from the same IP address.

    A credential stuffing attack increases the attackers success rate and reduces the time it takes to break into accounts by using stolen lists of working login IDs and passwords from other sites, since many people use the same email addresses and passwords as their credentials in multiple locations.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page