1. Verify Login Credentials to Protect against Credential-Stuffing Attacks

    Verify Login Credentials to Protect against Credential-Stuffing Attacks

    Users to Verify Their Login Credentials to Protect against Credential-Stuffing Attacks Checking credentials against leaked login information is an important safeguard to protect against credential stuffing attacks, as it helps prevent the use of stolen credentials. When users check their credentials on a platform that matches whether the data has been leaked in the past, they can determine whether their credentials may have already fallen into the hands of attackers. If so, they should change their password as soon as possible and, if necessary, consider other security measures such as enabling two-factor authentication.

    Reading Time:
    8 min
    Published:
    :
    Rene Neff
  2. Risks to Users and Operators of Online Platforms from Credential-Stuffing Attacks

    Risks to Users and Operators of Online Platforms from Credential-Stuffing Attacks

    Risks to Users of Online Platforms from Credential-Stuffing Attacks Credential stuffing attacks pose a high risk for users of online platforms. Criminals’ access to online accounts can lead to financial damage, for example when purchasing goods with stolen credit cards or by exploiting access data to paid offers. Credential-stuffing attacks also pose a risk of identity theft, as attackers may have access to personal information and documents when they access an account.

    Reading Time:
    4 min
    Published:
    :
    Rene Neff
  3. Credential Stuffing: A Threat to Online Platforms and Their Users

    Credential Stuffing: A Threat to Online Platforms and Their Users

    Credential stuffing attacks are a cyber attack type in which attackers attempt to use credentials obtained through data leaks and other means on various online platforms. In these attacks, automated scripts are used to try out the credentials at high speed on many of these portals. If credentials are correct, attackers can usually fully access and abuse a legitimate user’s account. The stolen credentials are often gathered in so-called collections and traded by criminals on the dark and deep web.

    Reading Time:
    2 min
    Published:
    :
    Rene Neff
  4. A screenshot of the command `git log`. One can see three commit messages: '💚 Adopt hadolint suggestions', '🚀 Pull base images on build', '⬆️  Upgrade dependencies'

    Fast and User Friendly: Our Alternative to Gitmoji

    In the world of software development, it is important to document changes to projects quickly and efficiently. One way to do this is to add emojis to commit messages to quickly identify the nature of the changes. A well-known and popular tool that we like to use at Identeco is gitmoji. But what if you’re a programmer and want to work even faster and realize the meaning of emojis more quickly in the context of Semantic Versioning?

    Reading Time:
    3 min
    Published:
    :
    Pascua Theus
  5. How often should you change your passwords?

    How often should you change your passwords?

    Always and nearly everywhere you are told how to choose a secure password: Upper and lower case letters, numbers and special characters, no variations of already existing passwords and in no case use a password more than once. After you have chosen your password appropriately, the only question that remains is: how often you should change your passwords. Originally, a regular password change several times a year was recommended, often every three months.

    Reading Time:
    4 min
    Published:
    :
    Aura Pop & Rene Neff
  6. Phishing, What Is It All About? (Part 2)

    Phishing, What Is It All About? (Part 2)

    It is well known that the number of phishing attacks continues to increase. Just like the fact that Germany is one of the countries most affected. The first part of “Phishing, What Is It All About?” covered e-mail phishing, baiting and search engine phishing and explained how to protect yourself from these types of phishing. In this part, CEO Fraud, Corporate Phishing and Angler are presented. CEO Fraud Also known as Business Email Compromise (BEC), this is when email addresses of key people within a company, such as the CEO, have been captured.

    Reading Time:
    4 min
    Published:
    :
    Aura Pop & Rene Neff
  7. Phishing, What Is It All About? (Part 1)

    Phishing, What Is It All About? (Part 1)

    The number of phishing attacks increased by 29% in 2021 compared to the previous year, and Germany was the third most attacked country. But what exactly is “phishing”? In phishing, someone poses as a reputable and trustworthy person or company and, by manipulating the victim, achieves that the latter clicks on or opens a file, link or similar. This usually then leads to personal information being stolen or malware being installed.

    Reading Time:
    3 min
    Published:
    :
    Aura Pop & Rene Neff
  8. A Ransomware Secure Backup Strategy

    A Ransomware Secure Backup Strategy

    We provide you with information about ransomware attacks, the attackers and their consequences. Based on this, you will receive requirements for a ransomware secure backup strategy and how you can implement this with BorgBackup to best protect yourself from an attack. Ransomware is currently a real, serious threat […] which can also attract a lot of media attention. The probability that your company/agency will also be hit is currently high and realistic – BSI Catalogue of Measures for Ransomware.

    Reading Time:
    5 min
    Published:
    :
    Leo Schmidt
  9. Speed up Rust CI pipelines that use Tarpaulin

    Speed up Rust CI pipelines that use Tarpaulin

    Rust is an awesome language. Not only does it provide you with runtime performance that is on par with languages like C and C++, but it also prevents you from shooting yourself in the foot thanks to a lot of compile time checks. This however means that the compiler has to do a lot more work compared to some other languages: Borrow checker, Types, Generics, Macros, LLVM Optimization… While those features do result in a better product, no one wants to sit around 30 minutes just to discover that a single test failed due to a typo.

    Reading Time:
    5 min
    Published:
    :
    Fabian Odenthal
  10. We're starting the Identeco Blog

    We're starting the Identeco Blog

    At Identeco, we learn new things every day. This is true for our developers, but also for our colleagues in sales and marketing as well as for our management. Since our society and the economy are changing continuously, we must enjoy constantly expanding our knowledge. Digitalization is a huge factor in rapid change. We want to play a part in ensuring that these changes don’t catch you cold. Because we believe that it is essential living an open culture of information and knowledge sharing when working with our customers.