Cygilant Blog

Credential Stuffing

Posted by Cygilant on Apr 22, 2019

How to Protect Against Credential Stuffing Attacks

It’s impossible to miss the reports of massive, high-profile data breaches. Adobe, Ancestry, Bitly, Comcast, Dropbox, Equifax, Google+, Marriott Starwood, T-Mobile, Ticketfly, LinkedIn, Yahoo and many other companies have leaked massive amounts of personal information, such as user names and passwords. But you may not be aware of what happens to this data after it’s been stolen.

Cybercriminals often purchase stolen data on the Dark Web. For example, on February 17, 2019, a hacker going by the name Gnosticplayers put eight hacked databases containing data for 92.75 million users on sale for 2.6249 bitcoins (about $9,300) on the Dark Web Marketplace known as Dream Market. Previously, the same hacker had posted a batch of 16 databases containing data for 620 million users and another batch of eight databases with data from 127 million users.

What Will be the Top Cybersecurity Threats in 2017?

Posted by Shawn O'Brien on Dec 31, 2016

Will cyberthreats will 2017 hold?

Cybersecurity is an ever-changing field. A threat that was huge ten years ago might not even be on the radar today. While it's impossible to predict the future, there are certain trends that will most likely continue into 2017. Let's take a look at some predictions for the new year. 

1. IoT-based DDoS attacks

One major threat that is looming on the horizon for 2017 is the use of distributed denial-of-service attacks. While these kinds of hacks have been around for quite some time now, the reason there will likely be a surge in 2017 has to do with the introduction of the Internet of Things.

Understanding the Increased Complexity of Cyber Threats

Posted by Vijay Basani on Nov 30, 2016

Cybersecurity is becoming increasingly more complex.

Is your company spending more and more money on trying to keep up with the increased complexity of cyber threats?

You're welcome to be alarmed (it's a perfectly normal response). But don't be shocked. Cybercriminals, who often have plenty of time and resources to devote to their craft, are constantly becoming more sophisticated. And companies typically have to spread their resources out to various departments, limiting their ability to fully secure themselves. Sure, most have IT teams (or at minimum a dedicated IT professional), but that doesn't mean they're completely capable of handling the complexity and vast amount of threats bombarding their servers.

Effective Methods to Reduce Uncertainty Over Cyber Threats

Posted by Kevin Landt on Nov 22, 2016

If you're concerned about IT security threats, you should take measures to protect your company.

Are you worrying about an IT breach more than your company's sales numbers? In some sense, that's a good thing (IT security should be at the top of your list). But on the flip side, it shouldn't be keeping your organization's C-Suite executives up at night.

If IT security problems are becoming a headache, you probably need to do more to protect your company from cyber attacks.

Here are two effective methods to help you reduce your uncertainty about cyber threats.

Why It's Difficult For An IT Team to Monitor Cyber Threats

Posted by Security Steve on Nov 21, 2016

It's not easy to protect corporate computers from cyber attacks.

When you're trying to protect your home computer from cyber threats, what do you normally do? You probably download the latest malware program and update your firewall.

But IT security at the corporate level is much more complicated, costly and time consuming.

"IT security at the corporate level is complicated, costly and time consuming."

After all, if it was easy to protect systems, IT criminals wouldn't have gained access to the Trump Hotel Collection and stolen credit card information from 70,000 individuals. The Australian Red Cross wouldn't have faced a cyber breach that resulted in hackers gaining access to 550,000 blood donors' personal information. And Anthem health insurance systems wouldn't have had to deal with the fall out of a breach that exposed the personal information of nearly 80 million people.

“Cybersecurity is the Greatest Threat We Have Now": What This Means for Companies

Posted by Security Steve on Jun 9, 2016


In April 2016, Steve Wozniak sat down for an interview with the Australian news program Lateline. Questioned by reporter Matt Wordsworth about the recent Apple vs. FBI saga, the Apple co-founder made a strong statement: cybersecurity is the greatest threat to the world today. The following considers that claim and its implications for businesses aiming to strengthen their cybersecurity stances.

One of the Biggest Headaches In Cybersecurity: False Positives

Posted by Shawn O'Brien on Mar 23, 2016


False positives. Those pesky notifications that make you panic at first, but then after some investigation, you discover that they’re actually nothing at all. This may seem like a minor inconvenience, but just imagine what it’s like when you have to deal with this multiples times a day and you have no efficient way to remove this type of noise from your reports! A false positive is any normal or expected behavior that is identified as anomalous or malicious. This article from Symantec offers several common examples of what causes false positives:

How to Set Up a Threat Assessment Program

Posted by Security Steve on Sep 28, 2015

Simple products such as firewalls used to be enough to raise the alarm when something untoward was happening to your computer or network. With the extraordinary level of technology available to hackers and the increasing sophistication of the hackers themselves, it's no longer sufficient to slap an off-the-shelf security product into place and call it a day.

Now, you need to have a threat assessment program in place.

Here are a few tips on getting started.

Internal vs. External Security Threats: Why Internal Is Worse Than You Expected (and What You Can Do About It)

Posted by Vijay Basani on Sep 3, 2015

The drama of data security seems to feature outside threats as the most prominent. From Eastern European criminal gangs to nation-state actors to Anonymous, you’d think hackers were the number one cause of data loss. They’re not.

Which Security Threats to Take Action on Now

Posted by Vijay Basani on Aug 20, 2015

Every year sees dozens of lists of top security issues. One major publication will tell you the Internet of Things, cutting edge DDoS attacks, and social media hacks are the top threats. Another will tell you they are nation-state actors, data destruction, and extortion. These were our predictions for this year.

There is little crossover; these lists are subjective by their very nature. That's why a security survey of your company and system is so important—each company has a different threat profile.

To help narrow it down, here are some of the most common threats you will likely face.

Most Recent Posts

Subscribe to Email Updates