🏠 Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeiträge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden Überblick über die wichtigsten Aspekte der IT-Sicherheit in einer sich ständig verändernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch übersetzen, erst Englisch auswählen dann wieder Deutsch!

Google Android Playstore Download Button für Team IT Security

800+ IT News als RSS Feed abonnieren

Thema auswählen:

📚 HackerOne: 2020-10-09 Credential Stuffing Attack

🕛 Zeit seit Veröffentlichung: 1271 Tage, 5 Stunden 34 Minuten
📆 Veröffentlicht am: 13.10.2020 um 21:28 Uhr
💡 Newskategorie: Sicherheitslücken
🔗 Quelle: vulners.com

Executive summary On October 4, 2020 and October 5, 2020, an attacker launched two credential stuffing attacks against HackerOne.com. On October 9, 2020, HackerOne’s Security team noticed the attack during their weekly audit of anomalies in their log aggregation platform, leading to the Incident Response team starting an investigation. The Incident Response team identified that a number of accounts had valid authentication attempts, of which some were blocked due to two-factor authentication. One account in particular had user activity from an unauthorized party, which viewed a number of report titles. After an investigation, the Incident Response team concluded that report contents hadn’t been accessed. On October 9, 2020, HackerOne immediately locked all affected accounts that had their credentials compromised. After the accounts were locked, HackerOne reached out to the account holders to notify them with instructions how to unlock their account and advice regarding their credentials. In the abundance of caution, programs of which report titles were viewed received a notification from HackerOne as well. Incident timeline | Date | Time (PDT) | What happened? | |---|---|---| | 2020-10-04 | 12:00p | Credential stuffing attack... ...

Sharing is caring on Social Media

Join the Team IT Security Community

📌 Over two billion credential were stolen in 2017 and contributed to the complex problem of credential spills, credential stuffing and account takeover fraud.

🕛 2086 Tage, 7 Stunden 28 Minuten
📆 21.07.2018 um 18:41 Uhr
📈 48.35 Punkte