What is Credential Stuffing and Why Should I Care?

You should know by now that using common passwords is a bad idea. And you may have heard of recent password breaches and that you should change passwords on breached sites. But there is an additional threat: credential stuffing. Whenever there is a breach where usernames or email addresses are disclosed and can be matched […]
Read More ›

How Password Spraying Could be an Attack Vector Into Your Organization

There are two common ways the bad guys might try to break into a building: spend lots of effort on one door or window, or try each door and window to see if one is easier to enter than the others. The same is true for attackers trying to compromise systems and networks (and penetration […]
Read More ›

How I Was Wrong About Kerberos

Microsoft’s Active Directory includes a version of Kerberos that has had a bad reputation. There were problems several years ago, but the criticisms are now outdated. What was the problem, and how has it been fixed? Origins of Active Directory Windows 2000 was originally going to be called Windows NT 5.0. It was released in […]
Read More ›

Using SSH for IoT Authentication

In a previous post, I wrote about attackers using default passwords in FTP and Telnet to compromise devices (especially IoT ones such as cameras). The compromised devices were then used to attack other devices on the Internet. I suggested users change passwords on the devices where possible but acknowledged that some were not changeable. I […]
Read More ›

The Next Big Thing in Biometric Authentication: Ephemeral Biometrics

A device like a FitBit may soon greatly improve user authentication. The key to this will be ephemeral biometrics. We talk about biometric authentication in some of Learning Tree’s cyber security courses, including the System and Network Security Introduction course and the CompTIA Security+ test-prep course. But how are ephemeral biometrics different? Biometrics Today Biometric authentication […]
Read More ›

Type to search blog.learningtree.com

Do you mean "" ?

Sorry, no results were found for your query.

Please check your spelling and try your search again.