From securityweek.com
Okta over the weekend warned of a spike in credential stuffing attacks that use various anonymizing services, such as The Onion Router (Tor) network.
In credential stuffing attacks, usernames and passwords obtained from previous data breaches at third-parties, phishing, and other types of attacks are used to compromise valid accounts at the targeted organizations.
“Over the last month, Okta has observed an increase in the frequency and scale of credential stuffing attacks targeting online services, facilitated by the broad availability of residential proxy services, lists of previously stolen credentials, and scripting tools,” Okta says.