The Rise of Synthetic Passwords in Botnet and Attack Operations
This is the write-up of a talk I gave at PasswordsCon, which runs as a track inside BSides Las Vegas. It was my first time in Vegas and my first talk at a conference that size, so if the recording has me talking slightly too fast, that is why. The short version: attackers are starting to throw passwords at login systems that were never meant to work, and that breaks an assumption a lot of defensive tooling is quietly built on. ...