Home Cyber Crime Internet registry RIPE NCC warns of credential stuffing attack

Internet registry RIPE NCC warns of credential stuffing attack

26
0



Jessica Haworth

19 February 2021 at 13:24 UTC

Up to date: 19 February 2021 at 13:25 UTC

Malicious hackers focused the group’s members by SSO service

Internet registry RIPE NCC warns of credential stuffing attack

Web registry RIPE NCC has introduced it was the sufferer of a credential stuffing attack affecting its single-sign-on (SSO) platform.

The RIPE Community Coordination Centre is the regional web registry for Europe, the Center East, and Central Asia.

Yesterday (February 18), the non-profit group warned it had develop into the sufferer of a focused assault on the RIPE NCC Entry device, which precipitated its networks to be knocked offline.

The middle mentioned it has no proof that any SSO accounts have been compromised however is constant to research the incident.

BACKGROUND Credential stuffing attacks: How to protect your accounts from being compromised

A statement reads: “We mitigated the assault, and we at the moment are taking steps to make sure that our providers are higher protected in opposition to such threats sooner or later.”

RIPE NCC has urged any account holders to make use of two-factor authentication, in the event that they haven’t carried out so already, and to tell them of any suspicious exercise.

As an web registry, RIPE NCC is accountable for offering international web sources and associated providers, corresponding to IPv4, IPv6, and AS Quantity sources, to members in its service area.

Its members consist primarily of web service suppliers, telecommunications organizations, and enormous firms throughout the 75 nations.

Unauthorized entry

Credential stuffing attacks happen when malicious hackers use login data stolen from information breaches to entry their victims’ accounts.

Username/password pairs stolen from one web site are mechanically fed into the login pages of different net purposes.

Leveraging the precept of trial and error, attackers use specialised software program to ‘stuff’ an infinite quantity of credential mixtures into sign-in pages at excessive velocity in a bid to compromise accounts.

YOU MAY ALSO LIKE Centreon downplays reports of backdoor software vulnerabilities



Source link