Hello and welcome to the Monday, April 29th, 2004 edition of the Sands and at Storms Center's

Stormcast. My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

Octa did release an advisory stating that they are seeing a search in credential stuffing attacks. Credential stuffing is notoriously difficult to defend against

because, well, it uses leaked credentials, so it's not like classic brute forcing. Aarne

attacker needs to send lots and lots of requests. It requires much less requests than you have something classic

brute forcing. Also, Octa states that they observed this credential stuffing originating from

anonymizing proxies. They're a media coincidence here, but Octa also came out with a feature to block anonymizing proxies.

Credential stuffing itself has been an ongoing issue.

Cisco alerted of it a month ago.

I remember last year, Cisco also released another advisory about these kind of credential stuffing brute force attack.

It's definitely something that you need to be ready for.

Blocking anonymizing proxies may help a little bit,

but in the end, two-factor off the occasion,

or you'll likely fall for it at some point.

And police in Japan has come up with an interesting trick to hopefully disrupt some of the

sort of small-scale ransomware and help desk scams that are in particular targeting elderly

people. What it is that in convenience stores that often sell gift cards, they did offer

specific gift cards that are labeled as a virus, Trojan Horse removal fee payment card or

unpaid charges, delinquent charges payment cards. So essentially they're labeled in such a way that someone

who has been infected by some fake malware or fake anti-malware in some cases may be tempted to

buy these cards in order to pay the fee of some kind of help desk scam.

Interestingly, this has apparently worked.

...