Security News > 2021 > June > What is plaguing digital identities?

Auth0 launched a report which highlights key areas of concern for security professionals responsible for managing digital identities, including the exponential rise of credential stuffing attacks, fraudulent registrations, and the widespread use of breached credentials.

The primary goal of cybercriminal activity is to access critical resources, systems, and personal data, yet systems that can be put into place to minimize the risk of attack - like identity management - often get deprioritized.

Lack of budget, resourcing, or attention on managing digital identities give threat actors a prime opportunity to take advantage of these discrepancies and surreptitiously execute their attacks.

The state of digital identities In the first 90 days of 2021, credential stuffing accounted for 16.5% of attempted login traffic on Auth0's platform, with a peak of over 40% near the end of March.

"Securing customers' identities is made more difficult by industry-wide failures to protect data. The prevalence of breached passwords and the availability of automated attack tools makes the humble password a protective measure from the past," said Duncan Godfrey, VP of Security Engineering, Auth0.

The most prevalent threats detailed in the report include credential stuffing; fraudulent registrations; multi-factor authentication bypass; breached password usage; and other common identity attacks.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/fYcSnU4GQoc/