In this article, we cover the details of a heavily distributed credential-stuffing attack that targeted a major US financial service company (spoiler: there were some pretty clear signs of device spoofing, as you’ll see below). By the end of the bot attack, which lasted 6 days, Castle blocked
The post Anatomy of a 6-day Credential Stuffing Attack From 2.2M Residential IPs appeared first on Security Boulevard.