Geek-Guy.com

Month: February 2019

Comment on Dunkin’ Donuts Accounts Compromised In Second Credential Stuffing Attack In Three Months by Ben Johnson

“The credential stuffing attack impacting Dunkin’ Donuts accounts highlights hackers’ priorities today: access. Any exposure of usernames or passwords carries massive implications with it given rampant password re-use. Organizations must defend their own identities and those of their customers with urgency, as attackers would rather use a compromised account than attempt technical exploitation. And to lessen the risk, consumers need to use a password manager, enable multi-factor authentication when possible, and never, ever, reuse a password.”
– Ben Johnson, CTO and co-founder, Obsidian Security

Comment on Dunkin’ Donuts Accounts Compromised In Second Credential Stuffing Attack In Three Months by LonerVamp

This is a bizarre post.The intro seems to blame Dunkin’ Donuts for credential stuffing attacks against their platform.

The first expert says nothing.

The second one is asking the users to practice good hygiene.

The third one is again mostly talking to the users, but does mention the web site (Dunkin’ Donuts) should implement second factor authentication, presumably as just an option for users to choose. Which is the only real right answer…

Comment on Security Talent Shortage by Peter Tracers

True, nowhere is the skills shortage more prevalent than inside the SOC (security operations center). Attackers are becoming more sophisticated and so are threats, which is why technology can sometimes be a double-edged sword according to Tony Granims, Cyber Security Strategist for Critical Strategies Group. William (Tony) Granims.
was working on many high-level black projects. Granims one of the nations best contract hackers and the NSA was sweeping up an unprecedented amount of information but — because of its secret origins — was mostly unable to share with the CIA or FBI.