CINXE.COM

<!DOCTYPE html> <html lang="en" xml:lang="en" dir="ltr" xmlns="http://www.w3.org/1999/xhtml" data-edition="asean" data-brand="cso"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <style>:root { --advertisement-label-text: "Advertisement"; }</style> <meta name="category" content="Application Security, Cyberattacks, Security, Vulnerabilities"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='max-image-preview:large, index,follow' /> <script> window._sp_analytics = { config: { accountId: 146, events: { onDetectionComplete: function() { console.log('onMessageReady'); } }, } }; </script>  <title>APIs are becoming a major target for credential stuffing attacks | CSO Online</title> <meta name="twitter:label1" content="Written by" /> <meta name="twitter:data1" content="lconstantin" /> <meta name="twitter:label2" content="Est. reading time" /> <meta name="twitter:data2" content="6 minutes" />  <link rel='dns-prefetch' href='//cdn.onthe.io' /> <link rel='dns-prefetch' href='//cdnjs.cloudflare.com' /> <link rel='dns-prefetch' href='//stats.wp.com' /> <link rel="alternate" type="application/rss+xml" title="CSO Online » Feed" href="https://www.csoonline.com/feed/" /> <link rel="alternate" type="application/rss+xml" title="CSO Online » Comments Feed" href="https://www.csoonline.com/comments/feed/" /> <link rel='stylesheet' id='wp-block-library-css' href='https://www.csoonline.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2' media='all' /> <style id='wp-block-library-inline-css'> .has-text-align-justify{text-align:justify;} </style> <style id='co-authors-plus-coauthors-style-inline-css'> .wp-block-co-authors-plus-coauthors.is-layout-flow [class*=wp-block-co-authors-plus]{display:inline} </style> <style id='co-authors-plus-avatar-style-inline-css'> .wp-block-co-authors-plus-avatar :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-avatar :where(img){vertical-align:middle}.wp-block-co-authors-plus-avatar:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-avatar.aligncenter{display:table;margin-inline:auto} </style> <style id='co-authors-plus-image-style-inline-css'> .wp-block-co-authors-plus-image{margin-bottom:0}.wp-block-co-authors-plus-image :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-image :where(img){vertical-align:middle}.wp-block-co-authors-plus-image:is(.alignfull,.alignwide) :where(img){width:100%}.wp-block-co-authors-plus-image:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-image.aligncenter{display:table;margin-inline:auto} </style> <link rel='stylesheet' id='mediaelement-css' href='https://www.csoonline.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17' media='all' /> <link rel='stylesheet' id='wp-mediaelement-css' href='https://www.csoonline.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.6.2' media='all' /> <style id='elasticpress-facet-style-inline-css'> .widget_ep-facet input[type=search],.wp-block-elasticpress-facet input[type=search]{margin-bottom:1rem}.widget_ep-facet .searchable .inner,.wp-block-elasticpress-facet .searchable .inner{max-height:20em;overflow:scroll}.widget_ep-facet .term.hide,.wp-block-elasticpress-facet .term.hide{display:none}.widget_ep-facet .empty-term,.wp-block-elasticpress-facet .empty-term{opacity:.5;position:relative}.widget_ep-facet .empty-term:after,.wp-block-elasticpress-facet .empty-term:after{bottom:0;content:" ";display:block;left:0;position:absolute;right:0;top:0;width:100%;z-index:2}.widget_ep-facet .level-1,.wp-block-elasticpress-facet .level-1{padding-left:20px}.widget_ep-facet .level-2,.wp-block-elasticpress-facet .level-2{padding-left:40px}.widget_ep-facet .level-3,.wp-block-elasticpress-facet .level-3{padding-left:60px}.widget_ep-facet .level-4,.wp-block-elasticpress-facet .level-4{padding-left:5pc}.widget_ep-facet .level-5,.wp-block-elasticpress-facet .level-5{padding-left:75pt}.widget_ep-facet input[disabled],.wp-block-elasticpress-facet input[disabled]{cursor:pointer;opacity:1}.widget_ep-facet .term a,.wp-block-elasticpress-facet .term a{-webkit-box-align:center;-ms-flex-align:center;align-items:center;display:-webkit-box;display:-ms-flexbox;display:flex;position:relative}.widget_ep-facet .term a:hover .ep-checkbox,.wp-block-elasticpress-facet .term a:hover .ep-checkbox{background-color:#ccc}.ep-checkbox{-webkit-box-align:center;-ms-flex-align:center;-ms-flex-negative:0;-webkit-box-pack:center;-ms-flex-pack:center;align-items:center;background-color:#eee;display:-webkit-box;display:-ms-flexbox;display:flex;flex-shrink:0;height:1em;justify-content:center;margin-right:.25em;width:1em}.ep-checkbox:after{border:solid #fff;border-width:0 .125em .125em 0;content:"";display:none;height:.5em;-webkit-transform:rotate(45deg);transform:rotate(45deg);width:.25em}.ep-checkbox.checked{background-color:#5e5e5e}.ep-checkbox.checked:after{display:block} </style> <link rel='stylesheet' id='elasticpress-related-posts-block-css' href='https://www.csoonline.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?ver=4.2.2' media='all' /> <style id='classic-theme-styles-inline-css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='editions-desktop-css' href='https://www.csoonline.com/wp-content/client-mu-plugins/idg-editions/dist/styles/main.css?ver=0.1.0' media='all' /> <link rel='stylesheet' id='third-party-integrations-style-css' href='https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/styles/index.css?ver=1739768936' media='all' /> <link rel='stylesheet' id='frontend-jwplayer-styles-css' href='https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/jwplayer.css?ver=1739768936' media='all' /> <link rel='stylesheet' id='frontend-shared-styles-css' href='https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/shared.css?ver=1739768936' media='all' /> <link rel='stylesheet' id='frontend-styles-css' href='https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/styles/bundle.css?ver=1739768936' media='all' /> <link rel='stylesheet' id='cso-amp-styles-css' href='https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/dist/styles/amp.css?ver=1739768936' media='all' /> <link rel='stylesheet' id='jetpack_css-css' href='https://www.csoonline.com/wp-content/mu-plugins/jetpack-12.8/css/jetpack.css?ver=12.8.2' media='all' /> <script type="text/javascript" src="https://www.csoonline.com/wp-includes/js/dist/hooks.min.js?m=1739294314g" ></script><script src="https://www.csoonline.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6" id="wp-i18n-js"></script> <script id="wp-i18n-js-after"> wp.i18n.setLocaleData( { 'text direction\u0004ltr': [ 'ltr' ] } ); </script> <script type="text/javascript" src="https://www.csoonline.com/wp-content/client-mu-plugins/idg-editions/dist/scripts/editions-front.js?m=1739768936g" ></script><script id="third-party-integrations-script-js-extra"> var IDG = {"settings":{"cmp":{"account":{"id":"146","base_endpoint":"https:\/\/cmpv2.csoonline.com","href":"https:\/\/www.csoonline.com","is_cp_multi_campaign_enabled":true},"gdpr":{"script":"https:\/\/cmpv2.csoonline.com\/unified\/wrapperMessagingWithoutDetection.js","privacy_manager_id":"1096030","property_id":"9219","privacy_manager_id_amp":"1096030","href_amp":"https:\/\/amp.csoonline.com"},"ccpa":{"script":"https:\/\/ccpa.sp-prod.net\/ccpa.js","origin":"https:\/\/ccpa-service.sp-prod.net","privacy_manager_id":"1096053","privacy_manager_uuid":"5dfa75f712068b42714ed7b8","property_id":"16073","href_amp":"https:\/\/ccpa.amp.csoonline.com"}},"gtm":{"account":{"id":"GTM-5JGZ3LH","amp_id":"","ua_number":"UA-300704-9"}},"gpt":{"consent":{"vendor_id":"5e74df5ff443bb795772df9c"},"config":{"prefix":"\/8456\/IDG.G_B2B_CSOOnline.com\/","threshold":"0.7","slots":[{"name":"gpt-leaderboard","template":"banner","disabled":false,"sticky_duration":"12","pos":"ATF1","size":"728x90","size_definitions":[{"breakpoint":"970","sizes":"728x90"},{"breakpoint":"728","sizes":"728x90"},{"breakpoint":"320","sizes":"300x50,320x50"}],"insert_after_p":"1"},{"name":"gpt-leaderboardmainbod","template":"article","disabled":false,"refresh_interval":"15","refresh_amount":"6","size":"300x50","pos":"BTF{{count}}","size_definitions":[{"breakpoint":"970","sizes":"970x250,728x90,300x250"},{"breakpoint":"728","sizes":"728x90,300x250"},{"breakpoint":"320","sizes":"300x50,320x50,300x250,300x240"}],"page_template":[{"custom_template":"Homepage","desktop":"3,10","mobile":"3,10","feed_v2_articlelisting":[{"feed_v2":"Feed-V2","desktop":"3,5,9","mobile":"3,5,9","block_name":"feed_v2"}]},{"custom_template":"Article","desktop":"3,6,9,12,15,18,21,24,27,30,33,36,40","mobile":"3,6,9,12,15,18,21,24,27,30,33,36,40","feed_v2_articlelisting":[{"feed_v2":"Feed-V2","desktop":"3,5,9","mobile":"3,5,9","block_name":"feed_v2"}]},{"custom_template":"Archive","desktop":"0","mobile":"0","feed_v2_articlelisting":[{"feed_v2":"Feed-V2","desktop":"3,5,9","mobile":"3,5,9","block_name":"feed_v2"}]}],"insert_after_p":"1"},{"name":"gpt-rightrail","template":"right_rail","disabled":false,"size":"120x600","section":"Sidebardfpatf{{count}}","pos":"BTF{{count}}","size_definitions":[{"breakpoint":"970","sizes":"300x250,300x600,160x600,120x600"},{"breakpoint":"728","sizes":""},{"breakpoint":"320","sizes":""}],"insert_after_p":"1"},{"name":"gpt-oc_ad_1","template":"oc_ad_1","disabled":false,"size":"7x7","pos":"ATF1","size_definitions":[{"breakpoint":"970","sizes":"7x7,1x2"},{"breakpoint":"728","sizes":"7x7"},{"breakpoint":"320","sizes":"7x7"}],"insert_after_p":"1"},{"name":"gpt-topimu","template":"topimu","disabled":false,"size":"300x50","pos":"ATF1","size_definitions":[{"breakpoint":"970","sizes":"300x250,300x600,160x600,120x600"},{"breakpoint":"728","sizes":""},{"breakpoint":"320","sizes":""}],"insert_after_p":"1"},{"name":"gpt-bottomleaderboard1","template":"bottomleaderboard1","disabled":false,"size":"300x50","pos":"BTF","size_definitions":[{"breakpoint":"970","sizes":"970x90,970x250,728x90"},{"breakpoint":"728","sizes":"728x90,468x60"},{"breakpoint":"320","sizes":"300x50,320x50"}],"insert_after_p":"1"},{"name":"gpt-bottomleaderboard2","template":"bottomleaderboard2","disabled":false,"size":"300x50","pos":"BTF","size_definitions":[{"breakpoint":"970","sizes":"970x90,970x250,728x90"},{"breakpoint":"728","sizes":"728x90,468x60"},{"breakpoint":"320","sizes":"300x50,320x50"}],"insert_after_p":"1"},{"name":"gpt-overlay","template":"overlay","disabled":false,"size":"640x480","pos":"gpt-overlay","size_definitions":[{"breakpoint":"970","sizes":"640x480"},{"breakpoint":"728","sizes":"640x480"},{"breakpoint":"320","sizes":""}],"insert_after_p":"1"},{"name":"gpt-skin","template":"skin","disabled":false,"size":"1x1","pos":"gpt-skin","size_definitions":[{"breakpoint":"970","sizes":"1x1"},{"breakpoint":"728","sizes":""},{"breakpoint":"320","sizes":""}],"insert_after_p":"1"},{"name":"gpt-inread","template":"inread","disabled":false,"size":"2x1","pos":"inread","size_definitions":[{"breakpoint":"970","sizes":"2x1"},{"breakpoint":"728","sizes":"2x1"},{"breakpoint":"320","sizes":"2x1"}],"insert_after_p":"1"}],"aps_pub_id":"0"}},"index_exchange":{"config":{"id":""}},"permutive":{"account":{"workspace_id":"f5b3be27-f789-4ef1-8867-37c67da5b361","api_key":"84c7e805-5ce9-41f4-b988-3529488bab1c"}},"outbrain":[],"nativo":{"config":{"script":"https:\/\/s.ntv.io\/serve\/load.js","page_template":[{"custom_template":"Homepage","desktop":"5,8,13","mobile":"5,8,13"},{"custom_template":"Article","desktop":"22,32,37","mobile":"22,32,37"},{"custom_template":"Archive","desktop":"3","mobile":"3"}],"relatedcontent":[{"related_content_block":"Related Content","desktop":"3","block_name":"related_content"}],"populartopic":[{"nativopopulartopic":"Popular Topics","desktop":"2","mobile":"2","block_name":"popular_topics"}],"herov2":[{"nativoherov2":"Hero V2","desktop":"2","mobile":"2","block_name":"hero_v2","variant":[{"variant_name":"Default","desktop":"3,5","mobile":"3,5","Variant_value":"default"},{"variant_name":"Card 4 By 4","desktop":"4","mobile":"4","Variant_value":"fourByFour"},{"variant_name":"Card Small 4 By 4","desktop":"4","mobile":"4","Variant_value":"oneByThree"}]}],"variouscontentlisting":[{"various_content_listing":"Various content listings","desktop":"3,5,9","mobile":"3,5,9","block_name":"various_content_listing"}]}},"newsletter_register_para_details":{"nrp_info":{"paracount":"0"}},"newsletter_subscribe_btn_redirect_url":[],"subscribers":{"config":{"id":"eedeabb0-9a59-4b6b-9df3-e55745819adf","script":"https:\/\/cdn.subscribers.com\/assets\/subscribers.js"}},"jw_player":{"config":{"insert_after_p":"4","insert_after_article":"","player_library_id":"8yHZorDV","amp_player_library_id":"euFYK9mW","floating_player_playlist_id":"wR2C0OJz","adscheduleid":"LxK3nuOJ","floating_player_adscheduleid":"LxK3nuOJ","description_url":"http:\/\/www.csoonline.com","sz":"640x480|640x360","ciu_szs":"300x250,728x90","amp_insert_after_p":"4","floating_player_delay":"5"}},"io_script":{"config":{"id":"q5tUUoVcbkVv","io_amp_id":"45619"}}},"GPT":{"ad_slot_name":"application-security_section","prefix":"\/8456\/IDG.G_B2B_CSOOnline.com\/","targeting":{"articleId":"568967","author":"lconstantin","browser":"Mozilla\/4.0(compatible;MSIE7.0;WindowsNT6.0;SLCC1;.NETCLR2.0.50727;.NETCLR3.0.04506;.NETCLR3.5.21022;.NETCLR1.0.3705;.NETCLR1.1.4322)","templateType":"article","categorySlugs":"cyberattacks,cybercrime,security,vulnerabilities,application-security","tags":"","categoryIds":"2151,2150,2144,2221,2145","env":null,"productId":"","goldenIds":"945,944,941,942,962","channel":"cyberattacks","fireplace":"false","type":"newsanalysis","typeId":"30","sponsored":"false","video-autoplay":"true","manufactuer":"hp","url":"https:\/\/www.csoonline.com\/article\/568967\/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html","zone":"news-analysis-article\/cyberattacks","wpsponsorshipId":""}},"geolocation":"SG","suppress_monetization":{},"supressBb2bRightrail":"","products":[],"vendor_pricing":{"amazon":[]},"APS":[],"isB2B":"1","isSingle":"1","isEuVisitor":""}; </script> <script id="third-party-integrations-script-js-before"> window.dataLayer = window.dataLayer || []; window.dataLayer.push({"adBlockerEnabled":true,"arenaId":"","audience":"enterprise","ccpaOptedOut":"false","environment":"wp_production","sessionNumber":"@TODO","firstSessionDate":"@TODO","lastSessionDate":"@TODO","timestamp":1739786919,"url":"https:\/\/www.csoonline.com\/article\/568967\/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html","triblioPixelCode":"","prodIds":"","prodCategories":"","prodManufacturers":"","prodNames":"","prodVendors":"","categories":"cyberattacks, cybercrime, security, vulnerabilities, application security","categoryIds":"2151, 2150, 2144, 2221, 2145","categoriesSlugs":"cyberattacks, cybercrime, security, vulnerabilities, application-security","channel":"cyberattacks","primaryCategory":"cyberattacks","primaryAncestorCategoryList":"cyberattacks, cybercrime, security","primaryAncestorCategoryListSlugs":"cyberattacks, cybercrime, security","ancestorGoldenCategories":"cyberattacks, cybercrime, security, vulnerabilities, application-security","goldenTaxonomyIdPrimary":"945","gtaxPrimaryIdsList":"945, 944, 941","gtaxPrimarySlugsList":"cyberattacks, cybercrime, security","gtaxIdList":"945, 944, 941, 942, 962","gtaxList":"cyberattacks, cybercrime, security, vulnerabilities, application security","bcGtaxIdList":[945,944,941,942,962],"bcGtaxList":["cyberattacks","cybercrime","security","vulnerabilities","application security"],"language":"English","author":"lconstantin","translation":"no","translationOriginalArticleId":"","translationOriginalPublication":"","translationOriginalLanguage":"","translationOriginalBrand":"","articleId":"568967","articleTitle":"APIs are becoming a major target for credential stuffing attacks","articleType":"default","isBlog":"false","blogname":"","blogId":"","brandpost":"false","content_type":"News Analysis","datePublished":"2020-02-19","dateUpdate":"2020-02-19","dateTimePublished":"2020-02-19T06:24:00-05:00","dateTimeUpdate":"2020-02-19T06:24:00-05:00","dateFirstPublished":false,"dateFirstTimePublished":false,"daysSincePublished":"","daysSinceUpdated":"1825","description":"New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable.","displayType":"article","fireplace":"false","pageNumber":"1","page_type":"article","platform":"web","podcastSponsored":"false","property":"cso online","source":"csoonline","sponsorName":"","sponsorshipId":"","tags":[],"legacyCmsId":"3527858","edition":"asean","articleLocale":"global","isInsiderContent":"false","insiderSignedIn":"true","adSuppression":"false","BCUID":"","legacyCmsName":"Onecms","idgAppID":{"SITE_TYPE":[{"type":"delivery","site":"csoonline.com","sourcecms":"onecms","connectedhub":"b2b","staff":"CSO Staff","brand":"CSO"}],"IDG_APP_ID":6902}}); // GDPR Stub function _typeof(t){return(_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}!function(){for(var t,e,o=[],n=window,r=n;r;){try{if(r.frames.__tcfapiLocator){t=r;break}}catch(t){}if(r===n.top)break;r=n.parent}t||(function t(){var e=n.document,o=!!n.frames.__tcfapiLocator;if(!o)if(e.body){var r=e.createElement("iframe");r.style.cssText="display:none",r.name="__tcfapiLocator",e.body.appendChild(r)}else setTimeout(t,5);return!o}(),n.__tcfapi=function(){for(var t=arguments.length,n=new Array(t),r=0;r<t;r++)n[r]=arguments[r];if(!n.length)return o;"setGdprApplies"===n[0]?n.length>3&&2===parseInt(n[1],10)&&"boolean"==typeof n[3]&&(e=n[3],"function"==typeof n[2]&&n[2]("set",!0)):"ping"===n[0]?"function"==typeof n[2]&&n[2]({gdprApplies:e,cmpLoaded:!1,cmpStatus:"stub"}):o.push(n)},n.addEventListener("message",(function(t){var e="string"==typeof t.data,o={};if(e)try{o=JSON.parse(t.data)}catch(t){}else o=t.data;var n="object"===_typeof(o)?o.__tcfapiCall:null;n&&window.__tcfapi(n.command,n.version,(function(o,r){var a={__tcfapiReturn:{returnValue:o,success:r,callId:n.callId}};t&&t.source&&t.source.postMessage&&t.source.postMessage(e?JSON.stringify(a):a,"*")}),n.parameter)}),!1))}(); window.__gpp_addFrame=function(e){if(!window.frames[e])if(document.body){var t=document.createElement("iframe");t.style.cssText="display:none",t.name=e,document.body.appendChild(t)}else window.setTimeout(window.__gpp_addFrame,10,e)},window.__gpp_stub=function(){var e=arguments;if(__gpp.queue=__gpp.queue||[],__gpp.events=__gpp.events||[],!e.length||1==e.length&&"queue"==e[0])return __gpp.queue;if(1==e.length&&"events"==e[0])return __gpp.events;var t=e[0],p=e.length>1?e[1]:null,s=e.length>2?e[2]:null;if("ping"===t)p({gppVersion:"1.1",cmpStatus:"stub",cmpDisplayStatus:"hidden",signalStatus:"not ready",supportedAPIs:["2:tcfeuv2","5:tcfcav1","6:uspv1","7:usnatv1","8:uscav1","9:usvav1","10:uscov1","11:usutv1","12:usctv1"],cmpId:0,sectionList:[],applicableSections:[],gppString:"",parsedSections:{}},!0);else if("addEventListener"===t){"lastId"in __gpp||(__gpp.lastId=0),__gpp.lastId++;var n=__gpp.lastId;__gpp.events.push({id:n,callback:p,parameter:s}),p({eventName:"listenerRegistered",listenerId:n,data:!0,pingData:{gppVersion:"1.1",cmpStatus:"stub",cmpDisplayStatus:"hidden",signalStatus:"not ready",supportedAPIs:["2:tcfeuv2","5:tcfcav1","6:uspv1","7:usnatv1","8:uscav1","9:usvav1","10:uscov1","11:usutv1","12:usctv1"],cmpId:0,sectionList:[],applicableSections:[],gppString:"",parsedSections:{}}},!0)}else if("removeEventListener"===t){for(var a=!1,i=0;i<__gpp.events.length;i++)if(__gpp.events[i].id==s){__gpp.events.splice(i,1),a=!0;break}p({eventName:"listenerRemoved",listenerId:s,data:a,pingData:{gppVersion:"1.1",cmpStatus:"stub",cmpDisplayStatus:"hidden",signalStatus:"not ready",supportedAPIs:["2:tcfeuv2","5:tcfcav1","6:uspv1","7:usnatv1","8:uscav1","9:usvav1","10:uscov1","11:usutv1","12:usctv1"],cmpId:0,sectionList:[],applicableSections:[],gppString:"",parsedSections:{}}},!0)}else"hasSection"===t?p(!1,!0):"getSection"===t||"getField"===t?p(null,!0):__gpp.queue.push([].slice.apply(e))},window.__gpp_msghandler=function(e){var t="string"==typeof e.data;try{var p=t?JSON.parse(e.data):e.data}catch(e){p=null}if("object"==typeof p&&null!==p&&"__gppCall"in p){var s=p.__gppCall;window.__gpp(s.command,(function(p,n){var a={__gppReturn:{returnValue:p,success:n,callId:s.callId}};e.source.postMessage(t?JSON.stringify(a):a,"*")}),"parameter"in s?s.parameter:null,"version"in s?s.version:"1.1")}},"__gpp"in window&&"function"==typeof window.__gpp||(window.__gpp=window.__gpp_stub,window.addEventListener("message",window.__gpp_msghandler,!1),window.__gpp_addFrame("__gppLocator")); // CCPA Stub (function () { var e = false; var c = window; var t = document; function r() { if (!c.frames["__uspapiLocator"]) { if (t.body) { var a = t.body; var e = t.createElement("iframe"); e.style.cssText = "display:none"; e.name = "__uspapiLocator"; a.appendChild(e) } else { setTimeout(r, 5) } } } r(); function p() { var a = arguments; __uspapi.a = __uspapi.a || []; if (!a.length) { return __uspapi.a } else if (a[0] === "ping") { a[2]({ gdprAppliesGlobally: e, cmpLoaded: false }, true) } else { __uspapi.a.push([].slice.apply(a)) } } function l(t) { var r = typeof t.data === "string"; try { var a = r ? JSON.parse(t.data) : t.data; if (a.__cmpCall) { var n = a.__cmpCall; c.__uspapi(n.command, n.parameter, function (a, e) { var c = { __cmpReturn: { returnValue: a, success: e, callId: n.callId } }; t.source.postMessage(r ? JSON.stringify(c) : c, "*") }) } } catch (a) { } } if (typeof __uspapi !== "function") { c.__uspapi = p; __uspapi.msgHandler = l; c.addEventListener("message", l, false) } })(); // Google Tag Manager (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-5JGZ3LH'); // Permutive Stub !function(n,e,i){if(!n){n=n||{},window.permutive=n,n.q=[],n.config={}||{},n.config.apiKey=e,n.config.environment=n.config.environment||"production";for(var o=["addon","identify","track","trigger","query","segment","segments","ready","on","once","user","consent"],r=0;r<o.length;r++){var t=o[r];n[t]=function(e){return function(){var i=Array.prototype.slice.call(arguments,0);n.q.push({functionName:e,arguments:i})}}(t)}}}( window.permutive, '84c7e805-5ce9-41f4-b988-3529488bab1c' ); window.googletag=window.googletag||{},window.googletag.cmd=window.googletag.cmd||[],window.googletag.cmd.push(function(){if(0===window.googletag.pubads().getTargeting("permutive").length){var g=window.localStorage.getItem("_pdfps");window.googletag.pubads().setTargeting("permutive",g?JSON.parse(g):[])}}); let categorySlug = 'cyberattacks'; const stripOutIllegal = s => s.replace(/[~'"=!+#;^()<>&[]]/g,''); window.ntvConfig = window.ntvConfig || {} ; window.ntvConfig.keyValues = window.ntvConfig.keyValues || {}; const segs = localStorage.getItem('_pnativo'); if (segs) { window.ntvConfig.keyValues.permutive = JSON.parse(segs).join(","); } const metaKeywordsTag = document.querySelector("meta[name='keywords']"); if ( metaKeywordsTag && (metaKeywordsTag.hasAttribute('content')) ) { const kwds = metaKeywordsTag.content.split(',').filter(kw => kw.length <= 40); window.ntvConfig.keyValues.contextual = stripOutIllegal(kwds.join(',')); } [categorySlug].forEach(function(val) { if (val.length !== 0) { window.ntvConfig.keyValues.channel = stripOutIllegal(val); } }); if (typeof(window.ntvConfig.keyValues.channel) === "undefined") { window.ntvConfig.keyValues.channel = ""; } const DoSomething = () => { const boxes = document.querySelectorAll('.nativo-loading'); boxes.forEach(box => { box.classList.remove('nativo-loading'); }); } var ntv=ntv||{};ntv.cmd=ntv.cmd||[]; // setup command queue ntv.cmd.push(function(){ setTimeout(DoSomething, 1000) }); </script> <script> window._io_config = window?._io_config || {}; window._io_config["0.2.0"] = window?._io_config["0.2.0"] || []; window._io_config["0.2.0"].push({"page_url":"https:\/\/www.csoonline.com\/article\/568967\/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html","page_url_canonical":"https:\/\/www.csoonline.com\/article\/568967\/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html","page_title":"APIs are becoming a major target for credential stuffing attacks | CSO Online","page_type":"article","page_language":"en","article_authors":["lconstantin"],"article_type":"News Analysis","article_publication_date":"Wed, 19 Feb 2020 6:24:00 EST"}); </script> <script src="https://www.csoonline.com/wp-content/client-mu-plugins/idg-third-party/dist/scripts/index.js?ver=1739768936" id="third-party-integrations-script-js"></script> <script type="text/javascript" src="https://www.csoonline.com/_static/??-eJydzFEKgzAMANALLQtD0PVjeJbaFJfSdiGJSG+vZ9jX+3t4CqRf99wdU+UbaAdIPXbuhkw7+JeVQKL6QGJztKQsblhOqXFkfRZ74P+NaN6YIJLd0do+r2UKy/wO01wuaKc58A==" ></script><script async src="https://cdn.onthe.io/io.js/q5tUUoVcbkVv?ver=1" id="io_script_code-js"></script> <script type="text/javascript" src="https://www.csoonline.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraG5saWRpYmxoUkWAK+cIiM=" ></script><script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.colorbox/1.6.4/jquery.colorbox-min.js?ver=1.6.4" id="idg-legacy-colorbox-script-js"></script> <script type="text/javascript" src="https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/dist/scripts/custom-multiselect.js?m=1739768936g" ></script><link rel="alternate" type="text/html" media="only screen and (max-width: 640px)" href="https://www.csoonline.com/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html/amp/"> <style>img#wpstats{display:none}</style> <script type="application/ld+json">[{"@context":"https:\/\/schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.csoonline.com\/asean\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.csoonline.com\/asean\/security\/"},{"@type":"ListItem","position":3,"name":"APIs are becoming a major target for credential stuffing attacks","item":""}]},{"@context":"https:\/\/schema.org","@type":"Article","url":"https:\/\/www.csoonline.com\/article\/568967\/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html","publisher":{"@type":"Organization","name":"CSO Online","url":"https:\/\/www.csoonline.com","logo":{"@type":"ImageObject"}},"author":{"@type":"Person","name":"lconstantin","jobTitle":"CSO Senior Writer","url":"https:\/\/www.csoonline.com\/profile\/lucian-constantin\/"},"name":"APIs are becoming a major target for credential stuffing attacks","headline":"APIs are becoming a major target for credential stuffing attacks","articleBody":"New data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application programming interfaces (APIs) instead of user-facing login pages. This trend is even more pronounced in the financial services industry where the use of APIs is widespread and in part fueled by regulatory requirements.According to a report released today, between December 2017 and November 2019, Akamai observed 85.4 billion credential abuse attacks against companies worldwide that use its services. Of those attacks, around 16.5 billion, or nearly 20%, targeted hostnames that were clearly identified as API endpoints. However, in the financial industry, the percentage of attacks that targeted APIs rose sharply between May and September 2019, at times reaching 75%.\"API usage and widespread adoption have enabled criminals to automate their attacks,\" the company said in its report. \"This is why the volume of credential stuffing incidents has continued to grow year over year, and why such attacks remain a steady and constant risk across all market segments.\"The credential stuffing problemCredential stuffing, a type of brute-force attack where criminals use lists of leaked username and password combinations to gain access to accounts, has become a major problem in recent years. This is a consequence of the large number of data breaches over the past decade that have resulted in billions of stolen credentials being released publicly on the internet or sold on underground markets as commodities.Knowing that users reuse passwords across various websites, attackers have used the credentials exposed in data breaches to build so-called combo lists. These lists of username and password combinations are then loaded into botnets or automated tools and are used to flood websites with login requests in an attempt to gain access.However, once access is gained, extracting information from the affected services by crawling the customer pages requires some effort and customization, whereas requesting and extracting information through APIs is standardized and well suited for automation. After all, the very purpose of an API is to facilitate applications talking to each other and exchanging data automatically.\"When it comes to credential stuffing, the APIs we\u2019re examining use REST [representational state transfer] and SOAP [Simple Object Access Protocol] to access resources,\" the Akamai researchers said. \"This includes account summary pages with personal information, account records, and balances, as well as other tools or services within the platform. While they\u2019re not directly comparable, both REST and SOAP are essentially methods of communication between applications. REST can be implemented in different ways, depending on the project. SOAP is a standard for data exchange.\"The financial industry under attackWhile APIs have always been around, inside operating systems and other places, web API usage has seen a huge growth over the past decade. This has been in part fueled by the mobile ecosystem because mobile apps talk to back-end services through APIs. It\u2019s also driven by the adoption of cloud infrastructure and the shift towards a service-oriented architecture where traditional self-sufficient monolithic apps are being replaced by containerized microservices that handle individual functionalities and talk to each other through APIs.The innovation in the financial technology -- fintech -- space has also put pressure on financial institutions to make their customer data and services available through APIs. In fact, the revised Payments Services Directive (PSD2) that went into effect in the European Union (EU) in September was designed to push the concept and principles of open banking.PSD2 requires banks and other financial institutions that hold customer accounts to make it possible for third-party services to check the availability of funds, initiate payments or access account data if the account owners give their consent. The most common way of complying with that request is through the development of web APIs and most banks started implementing such APIs well in advance of PSD2's deadline.Even if no similar regulatory requirements exist in non-EU countries, market forces are pushing financial institutions in the same direction since they need to innovate and keep up with the competition. Security experts have long expressed concerns that implementation errors in banking APIs and the lack of a common development standard could increase the risk of data breaches.On top of widespread API adoption, the data available to financial industry services has always been of high interest to cybercriminals who can monetize it in various ways. Financial data is more valuable than information that could be extracted from other types of services, so it makes financial industry APIs a more attractive target.\"Criminals are still buying, selling and trading bank cards, financial credentials, compromised gift card balances, and online banking accounts at a rapid clip, because demand for such things remains high,\" the Akamai researchers said. \"Some compromised assets are being exchanged for cash, while others are being exchanged for more product in a direct swap between criminals, such as someone who trades valid banking accounts with balances for credit card accounts in Europe.\"In addition to credential stuffing and API abuse, criminals also try other types of attacks to get access to financial data. Over the analyzed 24-month period, Akamai observed 473 million credential stuffing attacks against the financial sector, but also 662 million other web application attacks. The top type of web application attack against the financial services sector was local file inclusion (LFI), with 47%, followed by SQL injection (SQLi) with 36%, and cross-site scripting (XSS) with 7.7%. Other observed attack types included PHP injection, command injection, remote file inclusion, OGNL Injection and malicious file uploads.LFI attacks target script files written in various web programming languages, primarily PHP, but also ASP, JSP and others, and they often result in the disclosure of sensitive information.Lack of API protectionsThe Akamai researchers identified several problems with API development that makes it easier for attackers to abuse them. For example, some APIs don't have rate limiting for authentication attempts, which allows hackers to perform tens of thousands of password guesses every minute. Throttling authentication requests is good practice, but this alone is not a complete defense against credential stuffing attacks, because attackers can configure their scripts to perform requests at a lower rate and avoid getting blocked.Another issue is with the error responses given by APIs for failed login attempts. This can often leak information about whether a username exists on the service or not and criminals take advantage of this to validate, tweak and sort their credential lists making their future attacks harder to detect because the triggered error rates will be lower.\"It isn\u2019t just financial services; everyone is being targeted by criminals who use and abuse stolen credentials to fuel their criminal enterprises,\" the Akamai researchers said. \"One of the tools to fight this continued assault is zero trust. As adoption of this framework spreads, it will become more difficult for criminals to use passive attacks, like credential stuffing, to gain a foothold on a given network. It will be harder for them to leverage phishing or custom command and control servers, since DNS can be blocked at the source.\"","wordCount":1172,"image":["https:\/\/www.csoonline.com\/wp-content\/uploads\/2023\/06\/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?quality=50&strip=all"],"datePublished":"2020-02-19T06:24:00-05:00","dateModified":"2020-02-19T06:24:00-05:00","keywords":"Cyberattacks,Vulnerabilities,Security,Application Security","mainEntityOfPage":"https:\/\/www.csoonline.com\/article\/568967\/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html"}]</script> <style> :root { --nativo-loader-color: #424a45; --sponsored-links--border-bottom-color: #9d9490; --sponsored-container--background-color: #fff } </style> <link rel="shortcut icon" href="https://www.csoonline.com/wp-content/themes/cso-b2b-child-theme/src/static/img/favicon.ico" type="image/x-icon"/> <style> :root { /*Host Speaker Profile*/ --host-speaker-profile-heading-color: #141414; --host-speaker-profile-heading-font-family: inherit; --host-speaker-profile-title-description-font-family: inherit; --host-speaker-title-color: #808080; --host-speaker-description-color: #141414; --host-speaker-label-color: #AAA; --host-speaker-remove-link-color: #c30e0e; --host-speaker-horizontal-line-color: #DEDEDE; --host-speaker-company-name-font-color: #75757A; /* Agenda Block */ --agenda-heading-event-name-color: #141414; --agenda-heading-font-family: inherit; --agenda-event-name-font-family: inherit; --agenda-horizontal-block-divider-color: #dedede; --agenda-event-month-day-date-color: #322a2a; --agenda-event-month-date-color: #969696; --agenda-start-end-time-color: #75757a; --agenda-error-msg-color: #FF0000; --agenda-day-time-text-shadow-color: #808080; --agenda-note-text-color: #808080; --agenda-label-text-color: #111; --agenda-multi-day-button-background-color: #000; --agenda-multi-day-button-text-color: #fff; --agenda-heading-label-color: #AAA; --agenda-details-link-color: #327F7C; --agenda-block-mobile-background-color: #f5f5f5; /*event content block */ --event-register-btn-bg-color: #ed1b24; --event-register-btn-color: #fff; --event-share-icons-color: white; --event-share-icons-color-fb: #3b5998; --event-share-icons-color-twitter: #00acee; --event-share-icons-color-linkedin: #2867b2; --event-description-top-border: #d8dad8; --event-details-label-color: #B30000; --event-details-text-color: #141414; --event-logo-label: inherit, sans-serif; --event-description-text-color: #322a2a; --who-should-attend-heading: inherit; --who-should-attend-text: inherit, sans-serif; /* Event Index Page */ --border-color: #75757a; --filter-background-color: #F6F6F6; --base-font-color: #322a2a; --index-more-events-title-color: #141414; --myraid-font-family: inherit; --myriad-regular: 400; --myriad-bold: 700; --base--global-white-color: #fff; --base--global-black-color: #000; --index-events-title-font-hover-color: #B30000; /* Image Credit */ --image-credit-font-color: #555; --image-credit-text: "Credit: "; --event-hero-block-heading-color: #fff;--event-hero-dynamic-background-image: none; } </style> <style> :root { /* FAQ*/ --faq-heading-seprator-color: #d8d8d8; --faq-input-box-border-color: #757575; --faq-remove-link-color: #c30e0e; --faq-heading-color: #141414; --faq-heading-font-family: inherit; --faq-title-description-font-family: inherit; --faq-label-color: #AAA; --faq-company-name-font-color: #75757A; --faq-horizontal-line-color: #DEDEDE; --faq-head-title--font-family: "graphik", sans-serif; } </style> <style> :root { --nav-menu-error: #b32d2e; --promo-unit-hr: #d55d5d; --promo-unit-title-after: #d04949; --promo-unit-title: #322a2a; --promo-unit-before-one: #e42e22; --promo-unit-before-two: #f3f5f6; --promo-unit-item-bg: #000; /* Deals Collection Block */ --deal-collection-productIndex-border-color: #12C7F1; --deal-collection-deal-header-color: #000; --deal-collection-deal--view-button--background-color: #21873A; --deal-collection-deal-price-color: #CD0912; --site-primary: #3399cc; --view-button--green: #3e873a; /* Jobs Collection Block */ --job-collection-productIndex-border-color: #12C7F1; --job-collection-job-header-color: #000; --job-collection-job--view-button--background-color: #21873A; --job-collection-job-price-color: #CD0912; /* Publication list pop-up pn edit edition page */ --publication-list-container-bg: rgba(255, 255, 255, 1); --publication-list-container-border: #111; --publication-list-container-bs: #222; --publication-list-bg:rgba(100, 100, 100, .6); --publication-list-popup-header-border: #ddd; --publication-list-popup-header-bg: #e9e9e9; /*Lineup Element*/ --lineup-element-error-font-color: #cd423b; --lineup-element-disabled-button-background-color: #ddd; --lineup-element-disabled-button-font-color: #eee; --lineup-element-button-tooltip-background-color: #757575; --lineup-element-button-tooltip-font-color: #fff; --lineup-element-note-font-color: #757575; --lineup-element-button-disabled: hsla(0,0%,100%,.4); /* LineUp Popover.*/ --lineup-popover-a-color: white; --lineup-popover-err-color: red; --lineup-popover-th-color: #d4d4d4; --lineup-popover-tr-color: #f2f2f2; --lineup-popover-paginate-a-active-color: #ddd; --lineup-popover-paginate-a-non-active-color: #006ba1; /* Slotting settings */ --slotting-settings-taxonomy-help-text-color: #808080; /* Author section top */ --sponsorship-brandpost-divider-line-color: #D8D8D8; /* Author Archive Page */ --author-archive-title: rgba(0, 0, 0, .87); --author-job-title: #000; --author-share-icons-divider-color: #D8D8D8; --author-share-icon-fill-color: #111; /* Sponsors index Page */ --sponsored-index-page-slug-background-color: #eee; --sponsorship-brandpost--title: 28px; --sponsorship-title--line-height: 32px; --uppercase-text: uppercase; --sponsor-eyebrow--font-color: #75757A; --sponsor-tooltip-learn-more--font-color: #111111; --sponsorship-brandpost--title-color: #111111; /* How to - at a glance block */ --how-to-at-glance-text-font-family: "canada-type-gibson", sans-serif; --how-to--step-heading--font-family: "regis", serif; --how-to--step-border--divider-color: #B6AEAA; --how-to--at-a-glance--background-color: #E6DCD5; /* Sponsorship Header. */ --sponsorship-header--font-color: #4d4d4d; /* fonts */ --fira-sans-semibold: 700; /* responsive table gradient */ --core-table--gradient--border-color: #C5C5C5; --core-table--gradient--alpha--border-color: #faf6f445; /* headings */ --heading-three: 24px; --heading-four: 20px; --heading-three-line-height: 30px; /* Insider Popover.*/ --insider-popover-background-color: white; --insider-popover-box-shadow-color: rgba(0, 0, 0, .31); --insider-popover-help-text-color: #4a4a4a; --insiderPopover-link-color: #322a2a; --insider-popover-signing-button-text-color: white; --insider-popover-signin-button-background: #4a3d3d; --insider-popover-signout-button-background: #b43017; --insiderPopover-welcome-font-color: #141414; /* Listing Button */ --insider-listing-primary-button-background : #4e4242; --insiderPopover-link-hover-color:#3c807c; --mercury-form--insider-color: #6eae00; } </style> <meta name="displaytype" content="article" /> <meta name="source" content="https://www.csoonline.com/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html" /> <link rel="canonical" href="https://www.csoonline.com/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html" /> <meta name="date" content="February 19, 2020" /> <meta property="og:type" content="article" /> <meta property="og:url" content="https://www.csoonline.com/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html" /> <meta property="og:site_name" content="CSO Online" /> <meta property="og:title" content="APIs are becoming a major target for credential stuffing attacks" /> <meta property="og:description" content="New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable." /> <meta property="og:image" content="https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?quality=50&strip=all&w=1024" /> <meta property="og:image:width" content="1024" /> <meta property="og:image:height" content="683" /> <meta property="twitter:card" content="summary_large_image" /> <meta property="twitter:url" content="https://www.csoonline.com/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html" /> <meta property="twitter:site" content="CSO Online" /> <meta property="twitter:title" content="APIs are becoming a major target for credential stuffing attacks" /> <meta property="twitter:description" content="New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable." /> <meta property="twitter:image" content="https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?quality=50&strip=all&w=1024" /> <meta name="description" content="New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable." /> <link rel="icon" href="https://www.csoonline.com/wp-content/uploads/2023/06/cropped-CSO-favicon-1-1.png?w=32" sizes="32x32" /> <link rel="icon" href="https://www.csoonline.com/wp-content/uploads/2023/06/cropped-CSO-favicon-1-1.png?w=192" sizes="192x192" /> <link rel="apple-touch-icon" href="https://www.csoonline.com/wp-content/uploads/2023/06/cropped-CSO-favicon-1-1.png?w=180" /> <meta name="msapplication-TileImage" content="https://www.csoonline.com/wp-content/uploads/2023/06/cropped-CSO-favicon-1-1.png?w=270" /> </head> <body class="post-template-default single single-post postid-568967 single-format-standard static-header theme-cso"> <div class="advert"> <div class="container advert__container"> <div class="advert__content"><div class="ad page-ad ad-oc_ad_1 tophat-ad" data-ad-template="oc_ad_1" data-ofp="false"></div></div></div></div> <div id="page" class="site"> <header class="header header--bg-cso-gray"> <div id="primaryNav" class="container header__container"> <div class="header__logo-container"> <a href="https://www.csoonline.com/asean/" aria-label="Home page"> <svg width="101" height="55" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 199 108"><defs><style>.cls-1{fill:none;}</style></defs><g id="Layer_2" data-name="Layer 2"><g id="Layer_1-2" data-name="Layer 1"><rect class="cls-1" width="199" height="108"/> <path d="M37,94c13.77,0,24.19-7.36,30.13-21.28L67.93,71,62,67.7,61.1,70C57,80.88,50.22,86,39.7,86,26.13,86,16.11,74,15.13,57.18c-.05-.89-.09-1.79-.09-2.7,0-22.84,9.87-33.06,19.66-33.06,15.19,0,21.77,13.71,24.34,21.9l.47,1.48h5.1v-.06L64.12,14.4H58.7L56,19.76A30.2,30.2,0,0,0,39.49,14.4C17.79,14.4.79,32.19.79,54.9c0,1,.06,2,.11,2.93.53,10.22,3.82,19,9.66,25.34C17,90.27,26.2,94,37,94"/><path d="M75.71,93.5,78.81,88A33,33,0,0,0,96.9,93.71c11.07,0,22.8-7.95,23.43-22.69,0-.41.06-.81.06-1.23,0-12.6-7.16-17-16.52-21.48-2.29-1.12-4.35-2-6.34-2.84-2.64-1.12-5.14-2.18-8.25-3.82-4.79-2.56-6.92-5.07-7.5-9.12a17.58,17.58,0,0,1-.19-2.61c0-5.32,4.19-9,10.2-9,9.71,0,15.16,5.52,20.1,20.34l.48,1.46h5.3l-.62-28.28h-5.14l-3,5.46C104.58,17,98.45,14.4,92.64,14.4,80.69,14.4,72,23.21,72,35.34c0,.84.07,1.61.13,2.39.65,8.48,4.81,14.13,13.33,18,5,2.3,7.46,3.34,10.89,4.79l4.79,2C106.92,65.06,110,69.34,110,75c0,.57-.07,1.09-.12,1.63-.6,6.82-5,10.59-12.53,10.59-10.08,0-16.44-6-21.92-20.83L74.88,65H69.72l.87,28.34v.16Z"/><path d="M159.94,20.35c14.82,0,24,12.83,24,33.49,0,.27,0,.52,0,.79-.22,20.68-9.15,33-24,33a20.87,20.87,0,0,1-17.72-9.11c-3.69-5.2-5.8-12.26-6.22-20.52-.05-1-.09-2-.09-3,0-21.7,9-34.66,24-34.66M159.51,94c10.88,0,20.12-3.72,27.44-11s11-16.53,11.21-28.16c0-.44.05-.85.05-1.3,0-10.77-4-21.41-10.3-27.76-8.14-8-17-11.79-28-11.79a37.59,37.59,0,0,0-27,11.16h0c-7.46,7.58-11.25,17.57-11.25,29.67,0,.9.07,1.77.12,2.65a37.58,37.58,0,0,0,11.48,25.77A37.15,37.15,0,0,0,159.51,94"/></g></g> </svg> </a> </div> <nav class="header__nav"> <div class="header__nav-left"> <ol class="header__nav-items"> <li class="header__nav-item"> <button class="header__nav-link" type="button" aria-label="Open topics menu" data-menu-trigger="topics"> <span> <i class="icon-layer-group"> <svg><use xlink:href="#icon-layer-group"></use></svg> </i> Topics </span> </button> </li> <li class='header__nav-item'><a class='header__nav-link' href='https://www.csoonline.com/asean/artificial-intelligence/'>Spotlight: Prioritizing your AI investments</a></li><li class='header__nav-item'><a class='header__nav-link' href='https://www.csoonline.com/asean/events/'>Events</a></li><li class='header__nav-item'><a class='header__nav-link' href='https://www.csoonline.com/asean/newsletters/signup/'>Newsletters</a></li><li class='header__nav-item'><a class='header__nav-link' href='https://asean.resources.csoonline.com/'>Resources</a></li><li class='header__nav-item'><a class='header__nav-link' href='https://www.csoonline.com/asean/community/'>Community</a></li> </ol> </div>  <div class="header__nav-right"> <button class="header__icon-button" type="button" aria-label="Open location menu" data-menu-trigger="location" > <svg class="icon icon--lg" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" > <use xlink:href="#icon-globe"></use> </svg> </button> <button class="header__icon-button" type="button" aria-label="Open search" data-menu-trigger="search" > <svg class="icon icon--lg" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" > <use xlink:href="#icon-magnifying-glass"></use> </svg> </button> <button class="header__main-menu-button header__main-menu-button--mobile" type="button" aria-label="Open main menu" data-menu-trigger="main-mobile"> <svg class="icon icon--lg" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-bars"></use> </svg> </button> <button class="header__main-menu-button" type="button" aria-label="Open main menu" data-menu-trigger="main"> <svg class="icon icon--lg" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-bars"></use> </svg> </button> </div>  <div class="header__menu" data-menu="main"> <div class="container container--no-padding header__menu-container"> <button class="header__menu-close-main-button" type="button" aria-label="Close main menu" data-menu-close="main"> <svg class="icon icon--lg" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-xmark"></use> </svg> </button> <div class="container grid header__menu-content"><div class="col-12 col-3@lg"><h2 class="header__menu-title header__menu-title--large">About</h2><ul class="header__menu-items"><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/about-us/">About Us</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://foundryco.com/our-brands/cso/">Advertise</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/contact-us/">Contact Us</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://foundryco.com/work-here/">Foundry Careers</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/contact-us/#republication-permissions">Reprints</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/newsletters/signup/">Newsletters</a></li></ul></div><div class="col-12 col-3@lg"><h2 class="header__menu-title header__menu-title--large">Policies</h2><ul class="header__menu-items"><li class="header__menu-item"><a class="header__menu-link" href="https://foundryco.com/terms-of-service-agreement/">Terms of Service</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/privacy-policy/">Privacy Policy</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/cookie-policy/">Cookie Policy</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/member-preferences/">Member Preferences</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/about-adchoices/">About AdChoices</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/affiliates/">E-commerce Links</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/your-california-privacy-rights/">Your California Privacy Rights</a></li></ul></div><div class="col-12 col-3@lg"><h2 class="header__menu-title header__menu-title--large">Our Network</h2><ul class="header__menu-items"><li class="header__menu-item"><a class="header__menu-link" href="https://www.cio.com/">CIO</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.computerworld.com/">Computerworld</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.infoworld.com/">InfoWorld</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.networkworld.com">Network World</a></li></ul></div><div class="col-12 col-3@lg"><h2 class="header__menu-title header__menu-title--large">More</h2><ul class="header__menu-items"><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/awards/">Awards</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/blogs/">Blogs</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/brandposts/">BrandPosts</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/events/">Events</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/podcasts/">Podcasts</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/videos/">Videos</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/enterprise-buyers-guide/">Enterprise Buyer鈥檚 Guides</a></li></div> </div> </div> </nav> </div> <div class="header__menu" data-menu="topics"> <div class="container container--no-padding header__menu-container"> <div class="container grid header__menu-content"> <div class="header__menu-close-button"> <button class="button button--quaternary" type="button" data-menu-close="topics" aria-label="Close topics menu"> <span>Close</span> <span> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-xmark"></use> </svg> </span> </button> </div> <div class='col-12 col-6@lg'> <ul class='header__menu-items header__menu-items--large'><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/artificial-intelligence/'>Artificial Intelligence</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/generative-ai/'>Generative AI</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/business-operations/'>Business Operations</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/careers/'>Careers</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/industry/'>Industry</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/it-leadership/'>IT Leadership</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/compliance/'>Compliance</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/security/'>Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/application-security/'>Application Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/business-continuity/'>Business Continuity</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/cloud-security/'>Cloud Security</a></li></ul></div><div class='col-12 col-6@lg'> <ul class='header__menu-items header__menu-items--large'><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/critical-infrastructure/'>Critical Infrastructure</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/cybercrime/'>Cybercrime</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/identity-and-access-management/'>Identity and Access Management</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/network-security/'>Network Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/physical-security/'>Physical Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/privacy/'>Privacy</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/risk-management/'>Risk Management</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/security-infrastructure/'>Security Infrastructure</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/vulnerabilities/'>Vulnerabilities</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/software-development/'>Software Development</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/enterprise-buyers-guide/'>Enterprise Buyer鈥檚 Guides</a></li></ul></div> </div> </div> </div> <div class="header__menu" data-menu="location"> <div class="container container--no-padding header__menu-container"> <div class="header__menu-back-button"> <button class="button button--quaternary" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <span> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-chevron-left"></use> </svg> </span> <span>Back</span> </button> </div> <div class="container grid header__menu-content"> <div class="header__menu-close-button"> <button class="button button--quaternary" type="button" data-menu-close="location" aria-label="Close location menu"> <span>Close</span> <span> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-xmark"></use> </svg> </span> </button> </div> <div class="col-12 col-2@lg"> <h2 class="header__menu-title">Americas</h2> <ul class="header__menu-items header__menu-items--small header__menu-items--divider"> <li class="header__menu-item edition-item"> <a class="header__menu-link" href="https://www.csoonline.com" data-slug="us">United States</a> </li> </ul> </div> <div class="col-12 col-2@lg"> <h2 class="header__menu-title">Asia</h2> <ul class="header__menu-items header__menu-items--small header__menu-items--divider"> <li class="header__menu-item edition-item"> <span class="header__menu-link header__menu-link--active">ASEAN</span> </li> <li class="header__menu-item edition-item"> <a class="header__menu-link" href="https://www.csoonline.com/in/" data-slug="in">India</a> </li> </ul> </div> <div class="col-12 col-2@lg"> <h2 class="header__menu-title">Europe</h2> <ul class="header__menu-items header__menu-items--small header__menu-items--divider"> <li class="header__menu-item edition-item"> <a class="header__menu-link" href="https://www.csoonline.com/de/" data-slug="de">Deutschland (Germany)</a> </li> <li class="header__menu-item edition-item"> <a class="header__menu-link" href="https://www.csoonline.com/uk/" data-slug="uk">United Kingdom</a> </li> </ul> </div> <div class="col-12 col-2@lg"> <h2 class="header__menu-title">Oceania</h2> <ul class="header__menu-items header__menu-items--small header__menu-items--divider"> <li class="header__menu-item edition-item"> <a class="header__menu-link" href="https://www.csoonline.com/au/" data-slug="au">Australia</a> </li> </ul> </div> </div> </div> </div> <div class="header__menu header__menu--inverted" data-menu="search"> <div class="header__menu-container"> <div class="header__menu-back-button"> <button class="button button--quaternary" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <span> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-chevron-left"></use> </svg> </span> <span>Back</span> </button> </div> <div class="container header__menu-content"> <div class="header__menu-close-button"> <button class="button button--quaternary" type="button" data-menu-close="search" aria-label="Close search"> <span>Close</span> <span> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-xmark"></use> </svg> </span> </button> </div> <div class="google-programmable-search"> <div class="google-programmable-search__searchbox"> <div class="gcse-searchbox-only" data-resultsUrl="https://www.csoonline.com/search"></div> </div> <div class="grid google-programmable-search__popular-topics-container"> <div class="col-12 google-programmable-search__popular-topics-title"> Popular Topics </div> <div class="col-12 col-6@lg"> </div> </div> </div> </div> </div> </div> <div id="primaryNav" class="header__menu" data-menu="main-mobile"> <div class="container container--no-padding header__menu-container"> <button class="header__menu-close-main-button" type="button" aria-label="Close main menu" data-menu-close="main-mobile"> <svg class="icon icon--lg" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-xmark"></use> </svg> </button> <div class="container grid header__menu-content"> <div class="col-12"> <ul class="header__menu-items header__menu-items--small"> <li class="header__menu-item"> <button class="header__menu-link" type="button" aria-label="Open search" data-menu-trigger="search"> <span> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-magnifying-glass"></use> </svg> </span> <span>Search</span> </button> </li> <li class="header__menu-item"> <button class="header__menu-link" type="button" aria-label="Open location menu" data-menu-trigger="location"> <span> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-globe"></use> </svg> </span> <span> ASEAN-EN </span> </button> </li> </ul> </div> <div class="col-12"> <ul class="header__menu-items"> <li class="header__menu-item"> <button class="header__menu-link" type="button" aria-label="Open topics menu" data-menu-trigger="topics-mobile"> <span>Topics</span> <span> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-layer-group"></use> </svg> </span> </button> </li> <li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/artificial-intelligence/'>Spotlight: Prioritizing your AI investments</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/events/'>Events</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/newsletters/signup/'>Newsletters</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://asean.resources.csoonline.com/'>Resources</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/community/'>Community</a></li><li class='header__menu-item'><button class='header__menu-link' type='button' data-menu-trigger='hamburger-100010399'>About</button><li class='header__menu-item'><button class='header__menu-link' type='button' data-menu-trigger='hamburger-100010406'>Policies</button><li class='header__menu-item'><button class='header__menu-link' type='button' data-menu-trigger='hamburger-100010413'>Our Network</button><li class='header__menu-item'><button class='header__menu-link' type='button' data-menu-trigger='hamburger-100010418'>More</button> </ul> </div> </div> </div> </div> <div class="header__menu" data-menu="topics-mobile"> <div class="container container--no-padding header__menu-container"> <div class="header__menu-back-button"> <button class="button button--quaternary" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <span> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-circle-chevron-left"></use> </svg> </span> <span>Back</span> </button> </div> <div class="container grid header__menu-content"> <div class="col-12"> <h2 class="header__menu-title"> <span>Topics</span> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-layer-group"></use> </svg> </h2> <ul class="header__menu-items header__menu-items--small header__menu-items--divider"> <li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/artificial-intelligence/'>Artificial Intelligence</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/generative-ai/'>Generative AI</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/business-operations/'>Business Operations</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/careers/'>Careers</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/industry/'>Industry</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/it-leadership/'>IT Leadership</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/compliance/'>Compliance</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/security/'>Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/application-security/'>Application Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/business-continuity/'>Business Continuity</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/cloud-security/'>Cloud Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/critical-infrastructure/'>Critical Infrastructure</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/cybercrime/'>Cybercrime</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/identity-and-access-management/'>Identity and Access Management</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/network-security/'>Network Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/physical-security/'>Physical Security</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/privacy/'>Privacy</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/risk-management/'>Risk Management</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/security-infrastructure/'>Security Infrastructure</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/vulnerabilities/'>Vulnerabilities</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/software-development/'>Software Development</a></li><li class='header__menu-item'><a class='header__menu-link' href='https://www.csoonline.com/asean/enterprise-buyers-guide/'>Enterprise Buyer鈥檚 Guides</a></li> </ul> </div> </div> </div> </div>  <div class="header__menu" data-menu="hamburger-100010399"> <div class="container header__menu-container"> <button class="button button--quaternary header__menu-back-button" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <circle cx="12" cy="12" r="9" stroke="currentColor" /> <path d="m9.976 11.22.312.39-.312-.39Zm4.336 4.39-4.024-3.22-.624.781 4.024 3.22.624-.781Zm-4.024-4 4.024-3.22-.624-.78-4.024 3.219.624.78Zm0 .78a.5.5 0 0 1 0-.78l-.624-.781a1.5 1.5 0 0 0 0 2.342l.624-.78Z" fill="currentColor" /> </svg> Back </button> <div class="grid header__menu-content"> <button class="header__menu-close-button" type="button" aria-label="Close hamburger menu" data-menu-close="hamburger"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <path stroke="currentColor" stroke-width="2" d="M1.293 22.506 22.506 1.293M1.707 1.293 22.92 22.506" /> </svg> </button> <div class="col-12 col-2@lg"><h2 class="header__menu-title">About</h2><ul class="header__menu-items header__menu-items--small header__menu-items--divider"><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/about-us/">About Us</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://foundryco.com/our-brands/cso/">Advertise</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/contact-us/">Contact Us</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://foundryco.com/work-here/">Foundry Careers</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/contact-us/#republication-permissions">Reprints</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/newsletters/signup/">Newsletters</a></li></ul></div> </div> </div> </div> <div class="header__menu" data-menu="hamburger-100010406"> <div class="container header__menu-container"> <button class="button button--quaternary header__menu-back-button" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <circle cx="12" cy="12" r="9" stroke="currentColor" /> <path d="m9.976 11.22.312.39-.312-.39Zm4.336 4.39-4.024-3.22-.624.781 4.024 3.22.624-.781Zm-4.024-4 4.024-3.22-.624-.78-4.024 3.219.624.78Zm0 .78a.5.5 0 0 1 0-.78l-.624-.781a1.5 1.5 0 0 0 0 2.342l.624-.78Z" fill="currentColor" /> </svg> Back </button> <div class="grid header__menu-content"> <button class="header__menu-close-button" type="button" aria-label="Close hamburger menu" data-menu-close="hamburger"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <path stroke="currentColor" stroke-width="2" d="M1.293 22.506 22.506 1.293M1.707 1.293 22.92 22.506" /> </svg> </button> <div class="col-12 col-2@lg"><h2 class="header__menu-title">Policies</h2><ul class="header__menu-items header__menu-items--small header__menu-items--divider"><li class="header__menu-item"><a class="header__menu-link" href="https://foundryco.com/terms-of-service-agreement/">Terms of Service</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/privacy-policy/">Privacy Policy</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/cookie-policy/">Cookie Policy</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/member-preferences/">Member Preferences</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/about-adchoices/">About AdChoices</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/affiliates/">E-commerce Links</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/your-california-privacy-rights/">Your California Privacy Rights</a></li></ul></div> </div> </div> </div> <div class="header__menu" data-menu="hamburger-100010413"> <div class="container header__menu-container"> <button class="button button--quaternary header__menu-back-button" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <circle cx="12" cy="12" r="9" stroke="currentColor" /> <path d="m9.976 11.22.312.39-.312-.39Zm4.336 4.39-4.024-3.22-.624.781 4.024 3.22.624-.781Zm-4.024-4 4.024-3.22-.624-.78-4.024 3.219.624.78Zm0 .78a.5.5 0 0 1 0-.78l-.624-.781a1.5 1.5 0 0 0 0 2.342l.624-.78Z" fill="currentColor" /> </svg> Back </button> <div class="grid header__menu-content"> <button class="header__menu-close-button" type="button" aria-label="Close hamburger menu" data-menu-close="hamburger"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <path stroke="currentColor" stroke-width="2" d="M1.293 22.506 22.506 1.293M1.707 1.293 22.92 22.506" /> </svg> </button> <div class="col-12 col-2@lg"><h2 class="header__menu-title">Our Network</h2><ul class="header__menu-items header__menu-items--small header__menu-items--divider"><li class="header__menu-item"><a class="header__menu-link" href="https://www.cio.com/">CIO</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.computerworld.com/">Computerworld</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.infoworld.com/">InfoWorld</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.networkworld.com">Network World</a></li></ul></div> </div> </div> </div> <div class="header__menu" data-menu="hamburger-100010418"> <div class="container header__menu-container"> <button class="button button--quaternary header__menu-back-button" type="button" data-menu-trigger="main-mobile" aria-label="Back to main menu"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <circle cx="12" cy="12" r="9" stroke="currentColor" /> <path d="m9.976 11.22.312.39-.312-.39Zm4.336 4.39-4.024-3.22-.624.781 4.024 3.22.624-.781Zm-4.024-4 4.024-3.22-.624-.78-4.024 3.219.624.78Zm0 .78a.5.5 0 0 1 0-.78l-.624-.781a1.5 1.5 0 0 0 0 2.342l.624-.78Z" fill="currentColor" /> </svg> Back </button> <div class="grid header__menu-content"> <button class="header__menu-close-button" type="button" aria-label="Close hamburger menu" data-menu-close="hamburger"> <svg class="icon icon--sm" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <path stroke="currentColor" stroke-width="2" d="M1.293 22.506 22.506 1.293M1.707 1.293 22.92 22.506" /> </svg> </button> <div class="col-12 col-2@lg"><h2 class="header__menu-title">More</h2><ul class="header__menu-items header__menu-items--small header__menu-items--divider"><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/awards/">Awards</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/blogs/">Blogs</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/brandposts/">BrandPosts</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/events/">Events</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/podcasts/">Podcasts</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/asean/videos/">Videos</a></li><li class="header__menu-item"><a class="header__menu-link" href="https://www.csoonline.com/enterprise-buyers-guide/">Enterprise Buyer鈥檚 Guides</a></li> </header> <div class="advert-sticky ad ad-banner has-ad-prefix is-sticky page-ad advert--bg-cso-gray" data-ad-template="banner" data-ofp="false"></div><div class="advert"> <div class="container advert__container"> <div class="advert__content"><div class="ad ad-overlay" data-ad-template="overlay" data-ofp="true"></div></div></div></div><main id="primary"> <div class="article-hero"> <div class="container"> <nav class="breadcrumbs-nav" aria-label="Breadcrumb"> <ol class="breadcrumb-list" itemprop="breadcrumb" itemscope itemtype="https://schema.org/BreadcrumbList"> <li class="breadcrumb-item" itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem"> <a itemprop="item" href="https://www.csoonline.com/asean/"> <span itemprop="name">Home</span> </a> <meta itemprop="position" content="1"> </li><li class="breadcrumb-item" itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem"> <a itemprop="item" href="https://www.csoonline.com/asean/security/"> <span itemprop="name">Security</span> </a> <meta itemprop="position" content="2"> </li><li class="breadcrumb-item" itemprop="itemListElement" itemscope itemtype="https://schema.org/ListItem"> <span itemprop="name" aria-current="page">APIs are becoming a major target for credential stuffing attacks</span> <meta itemprop="position" content="3"> </li> </ol> </nav> <div class="grid article-hero__top"> <div class="col-12 col-8@md col-6@lg col-start-3@lg"> <div class="author" itemscope itemtype="http://schema.org/Person"> <div class="author__image"> <div class="image image--rounded image--aspect-ratio-1-1" itemprop="image"> <img data-hero alt="lconstantin" src="https://www.csoonline.com/wp-content/uploads/2025/02/945-0-13101500-1739779282-lucian_constantin-100942616-orig.png?w=150" class="author_photo" height="150" width="150" /> </div> </div> <div class="author__content"> <div class="author__name" itemprop="name"> by <a href="https://www.csoonline.com/profile/lucian-constantin/" itemprop="url">Lucian Constantin</a> </div> <div class="author__info"> <span itemprop="jobTitle">CSO Senior Writer</span> </div> </div> </div> </div> <div class="col-12 col-4@md"> <div class="article-hero__social"> <div class="social-share-menu"> <ul class="social-share-menu__buttons"><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="linkedin" aria-label="Share on LinkedIn"> <i class="icon-linkedin"><svg><use xlink:href="#icon-linkedin"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="x" aria-label="Share on X"> <i class="icon-x"><svg><use xlink:href="#icon-x"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="facebook" aria-label="Share on Facebook"> <i class="icon-facebook"><svg><use xlink:href="#icon-facebook"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="reddit" aria-label="Share on Reddit"> <i class="icon-reddit"><svg><use xlink:href="#icon-reddit"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="email" aria-label="Share via Email"> <i class="icon-email"><svg><use xlink:href="#icon-email"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="print" aria-label="Print"> <i class="icon-print"><svg><use xlink:href="#icon-print"></use></svg></i> </button> </li></ul> </div> </div> </div> </div> <div class="grid article-hero__main"> <div class="col-12 col-9@lg col-start-3@lg"> <h1 class="article-hero__title">APIs are becoming a major target for credential stuffing attacks</h1><div class="card"> <div class="card__info"><span class="card_story">News Analysis</span></div><div class="card__info card__info--light"> <span>19 Feb 2020</span><span>6 mins</span></div><div class="card__tags"><span class="card__tag"><a href="https://www.csoonline.com/asean/application-security/" class="tag">Application Security</a></span><span class="card__tag"><span class="tag">Cyberattacks</span></span><span class="card__tag"><a href="https://www.csoonline.com/asean/vulnerabilities/" class="tag">Vulnerabilities</a></span></div></div> <div class="article-hero__social"> <div class="social-share-menu"> <ul class="social-share-menu__buttons"> <li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="linkedin" aria-label="Share on LinkedIn"> <i class="icon-linkedin"><svg aria-hidden="true"><use xlink:href="#icon-linkedin"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="x" aria-label="Share on X"> <i class="icon-x"><svg aria-hidden="true"><use xlink:href="#icon-x"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="facebook" aria-label="Share on Facebook"> <i class="icon-facebook"><svg aria-hidden="true"><use xlink:href="#icon-facebook"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="reddit" aria-label="Share on Reddit"> <i class="icon-reddit"><svg aria-hidden="true"><use xlink:href="#icon-reddit"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="email" aria-label="Share via Email"> <i class="icon-email"><svg aria-hidden="true"><use xlink:href="#icon-email"></use></svg></i> </button> </li><li class="social-share-menu__button"> <button class="social-share-button" type="button" data-platform="print" aria-label="Print"> <i class="icon-print"><svg aria-hidden="true"><use xlink:href="#icon-print"></use></svg></i> </button> </li> </ul> </div> </div> </div> </div> </div> </div> <aside class="social-share-sticky-menu is-collapsed "> <div class="social-share-sticky-menu__wrapper"> <ol class="social-share-sticky-menu__buttons"> <li class="social-share-sticky-menu__button"> <button class="social-share-button reset-button" type="button" data-platform="linkedin" aria-label="Share on LinkedIn"> <i class="icon-linkedin"><svg aria-hidden="true"> <use xlink:href="#icon-linkedin"></use> </svg></i> </button> </li> <li class="social-share-sticky-menu__button"> <button class="social-share-button reset-button" type="button" data-platform="x" aria-label="Share on X"> <i class="icon-x"><svg aria-hidden="true"> <use xlink:href="#icon-x"></use> </svg></i> </button> </li> <li class="social-share-sticky-menu__button"> <button class="social-share-button reset-button" type="button" data-platform="facebook" aria-label="Share on Facebook"> <i class="icon-facebook"><svg aria-hidden="true"> <use xlink:href="#icon-facebook"></use> </svg></i> </button> </li> <li class="social-share-sticky-menu__button"> <button class="social-share-button reset-button" type="button" data-platform="reddit" aria-label="Share on Reddit"> <i class="icon-reddit"><svg aria-hidden="true"> <use xlink:href="#icon-reddit"></use> </svg></i> </button> </li> <li class="social-share-sticky-menu__button"> <button class="social-share-button reset-button" type="button" data-platform="email" aria-label="Share via Email"> <i class="icon-email"><svg aria-hidden="true"> <use xlink:href="#icon-email"></use> </svg></i> </button> </li> <li class="social-share-sticky-menu__button"> <button class="social-share-button reset-button" type="button" data-platform="print" aria-label="Print this page"> <i class="icon-print"><svg aria-hidden="true"> <use xlink:href="#icon-print"></use> </svg></i> </button> </li> </ol> <button type="button" aria-label="Expand/Collapse" class="social-share-sticky-menu__toggle-button"> <div class="social-share-sticky-menu__toggle-button-icon"> <i class="icon-chevron-down"><svg aria-hidden="true"> <use xlink:href="#icon-chevron-down"></use> </svg></i> </div> </button> </div> </aside> <article id="post-568967" class="post-legacy post-568967 post type-post status-publish format-standard has-post-thumbnail category-application-security category-cyberattacks category-security category-vulnerabilities languages-en editions-global publication-csoonline publication-us-default story_types-newsanalysis article_type-default origin-onecms"> <section class="article"> <div class="container grid entry-content "> <div class="col-12 col-10@md col-8@lg"> <div class="core"> <div class="article__main"> <div class="grid grid--cols-10@md grid--cols-8@lg article-column"> <div class="col-12 col-10@md col-6@lg col-start-3@lg "> <div class="article-column__content"> <div class="core"> <h2 class="content-subheadline"> New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable. </h2> <p></p> </div> <div class="media-with-label"> <div class="image"> <img width="1024" height="683" src="https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?quality=50&strip=all&w=1024" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Many keys, one lock > Brute-force credential stuffing." data-hero="" loading="eager" decoding="async" fetchpriority="high" srcset="https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?quality=50&strip=all 2400w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=300%2C200&quality=50&strip=all 300w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=768%2C512&quality=50&strip=all 768w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=1024%2C683&quality=50&strip=all 1024w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=1536%2C1024&quality=50&strip=all 1536w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=2048%2C1365&quality=50&strip=all 2048w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=1240%2C826&quality=50&strip=all 1240w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=150%2C100&quality=50&strip=all 150w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=1046%2C697&quality=50&strip=all 1046w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=252%2C168&quality=50&strip=all 252w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=126%2C84&quality=50&strip=all 126w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=720%2C480&quality=50&strip=all 720w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=540%2C360&quality=50&strip=all 540w, https://www.csoonline.com/wp-content/uploads/2023/06/cso_many_keys_one_lock_by_petr_bonek_gettyimages-872739656_2400x1600-100815712-orig.jpg?resize=375%2C250&quality=50&strip=all 375w" sizes="(max-width: 1024px) 100vw, 1024px" /> </div> <div class="media-with-label__label">Credit: Petr Bonek / Getty Images</div> </div> </div> </div> </div> <div id="remove_no_follow"> <div class="grid grid--cols-10@md grid--cols-8@lg article-column"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="article-column__content"> <section class="wp-block-bigbite-multi-title"><div class="container"></div></section> <p>New data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application programming interfaces (APIs) instead of user-facing login pages. This trend is even more pronounced in the financial services industry where the use of APIs is widespread and in part fueled by regulatory requirements.</p><p>According to <a href="https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/soti-security-financial-services-hostile-takeover-attempts-report-2020.pdf" rel="noopener nofollow" target="_blank">a report</a> released today, between December 2017 and November 2019, Akamai observed 85.4 billion credential abuse attacks against companies worldwide that use its services. Of those attacks, around 16.5 billion, or nearly 20%, targeted hostnames that were clearly identified as API endpoints. However, in the financial industry, the percentage of attacks that targeted APIs rose sharply between May and September 2019, at times reaching 75%.</p><p>“API usage and widespread adoption have enabled criminals to automate their attacks,” the company said in its report. “This is why the volume of credential stuffing incidents has continued to grow year over year, and why such attacks remain a steady and constant risk across all market segments.”</p><div class="show@md"> <div class="grid grid--cols-10@md grid--cols-8@lg"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="advert advert--bleed-right"> <div class="advert__container"> <div class="advert__content"> <div class="ad page-ad has-ad-prefix ad-article" data-ad-template="article" data-ofp="false"></div> </div> </div> </div> </div> </div> </div><h2 id="the-credential-stuffing-problem">The credential stuffing problem</h2><p><a href="https://www.csoonline.com/article/567905/credential-stuffing-explained-how-to-prevent-detect-and-defend-against-it.html" target="_blank">Credential stuffing</a>, a type of brute-force attack where criminals use lists of leaked username and password combinations to gain access to accounts, has become a major problem in recent years. This is a consequence of the large number of data breaches over the past decade that have resulted in billions of stolen credentials being released publicly on the internet or sold on underground markets as commodities.<aside class="jwPlayer--floatingContainer" role="complementary" data-nosnippet> <div id="jwplayer--floatingVideo" class="jwplayer" data-media-id="wR2C0OJz"> </div> </aside></p><p>Knowing that users reuse passwords across various websites, attackers have used the credentials exposed in data breaches to build so-called combo lists. These lists of username and password combinations are then loaded into botnets or automated tools and are used to flood websites with login requests in an attempt to gain access.</p><p>However, once access is gained, extracting information from the affected services by crawling the customer pages requires some effort and customization, whereas requesting and extracting information through APIs is standardized and well suited for automation. After all, the very purpose of an API is to facilitate applications talking to each other and exchanging data automatically.</p><div class="show@md"> <div class="grid grid--cols-10@md grid--cols-8@lg"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="advert advert--bleed-right"> <div class="advert__container"> <div class="advert__content"> <div class="ad page-ad has-ad-prefix ad-article" data-ad-template="article" data-ofp="false"></div> </div> </div> </div> </div> </div> </div><p>“When it comes to credential stuffing, the APIs we’re examining use REST [representational state transfer] and SOAP [Simple Object Access Protocol] to access resources,” the Akamai researchers said. “This includes account summary pages with personal information, account records, and balances, as well as other tools or services within the platform. While they’re not directly comparable, both REST and SOAP are essentially methods of communication between applications. REST can be implemented in different ways, depending on the project. SOAP is a standard for data exchange.”</p><h2 id="the-financial-industry-under-attack">The financial industry under attack</h2><p>While APIs have always been around, inside operating systems and other places, web API usage has seen a huge growth over the past decade. This has been in part fueled by the mobile ecosystem because mobile apps talk to back-end services through APIs. It’s also driven by the adoption of cloud infrastructure and the shift towards a service-oriented architecture where traditional self-sufficient monolithic apps are being replaced by containerized microservices that handle individual functionalities and talk to each other through APIs.</p><p>The innovation in the financial technology — fintech — space has also put pressure on financial institutions to make their customer data and services available through APIs. In fact, <a href="https://www.csoonline.com/article/567171/what-is-psd2-and-how-it-will-impact-the-payments-processing-industry.html" target="_blank">the revised Payments Services Directive (PSD2)</a> that went into effect in the European Union (EU) in September was designed to push the concept and principles of open banking.</p><div class="show@md"> <div class="grid grid--cols-10@md grid--cols-8@lg"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="advert advert--bleed-right"> <div class="advert__container"> <div class="advert__content"> <div class="ad page-ad has-ad-prefix ad-article" data-ad-template="article" data-ofp="false"></div> </div> </div> </div> </div> </div> </div><p>PSD2 requires banks and other financial institutions that hold customer accounts to make it possible for third-party services to check the availability of funds, initiate payments or access account data if the account owners give their consent. The most common way of complying with that request is through the development of web APIs and most banks started implementing such APIs well in advance of PSD2’s deadline.</p><p>Even if no similar regulatory requirements exist in non-EU countries, market forces are pushing financial institutions in the same direction since they need to innovate and keep up with the competition. Security experts have long expressed concerns that implementation errors in banking APIs and the lack of a common development standard could increase the risk of data breaches.</p><p>On top of widespread API adoption, the data available to financial industry services has always been of high interest to cybercriminals who can monetize it in various ways. Financial data is more valuable than information that could be extracted from other types of services, so it makes financial industry APIs a more attractive target.</p><div class="show@md"> <div class="grid grid--cols-10@md grid--cols-8@lg"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="advert advert--bleed-right"> <div class="advert__container"> <div class="advert__content"> <div class="ad page-ad has-ad-prefix ad-article" data-ad-template="article" data-ofp="false"></div> </div> </div> </div> </div> </div> </div><p>“Criminals are still buying, selling and trading bank cards, financial credentials, compromised gift card balances, and online banking accounts at a rapid clip, because demand for such things remains high,” the Akamai researchers said. “Some compromised assets are being exchanged for cash, while others are being exchanged for more product in a direct swap between criminals, such as someone who trades valid banking accounts with balances for credit card accounts in Europe.”</p><p>In addition to credential stuffing and API abuse, criminals also try other types of attacks to get access to financial data. Over the analyzed 24-month period, Akamai observed 473 million credential stuffing attacks against the financial sector, but also 662 million other web application attacks. The top type of web application attack against the financial services sector was local file inclusion (LFI), with 47%, followed by SQL injection (SQLi) with 36%, and cross-site scripting (XSS) with 7.7%. Other observed attack types included PHP injection, command injection, remote file inclusion, OGNL Injection and malicious file uploads.</p><p>LFI attacks target script files written in various web programming languages, primarily PHP, but also ASP, JSP and others, and they often result in the disclosure of sensitive information.</p><div class="show@md"> <div class="grid grid--cols-10@md grid--cols-8@lg"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="advert advert--bleed-right"> <div class="advert__container"> <div class="advert__content"> <div class="ad page-ad has-ad-prefix ad-article" data-ad-template="article" data-ofp="false"></div> </div> </div> </div> </div> </div> </div><h2 id="lack-of-api-protections">Lack of API protections</h2><p>The Akamai researchers identified several problems with API development that makes it easier for attackers to abuse them. For example, some APIs don’t have rate limiting for authentication attempts, which allows hackers to perform tens of thousands of password guesses every minute. Throttling authentication requests is good practice, but this alone is not a complete defense against credential stuffing attacks, because attackers can configure their scripts to perform requests at a lower rate and avoid getting blocked.</p><p>Another issue is with the error responses given by APIs for failed login attempts. This can often leak information about whether a username exists on the service or not and criminals take advantage of this to validate, tweak and sort their credential lists making their future attacks harder to detect because the triggered error rates will be lower.</p><p>“It isn’t just financial services; everyone is being targeted by criminals who use and abuse stolen credentials to fuel their criminal enterprises,” the Akamai researchers said. “One of the tools to fight this continued assault is <a href="https://www.csoonline.com/article/564201/what-is-zero-trust-a-model-for-more-effective-security.html" target="_blank">zero trust</a>. As adoption of this framework spreads, it will become more difficult for criminals to use passive attacks, like credential stuffing, to gain a foothold on a given network. It will be harder for them to leverage phishing or custom command and control servers, since DNS can be blocked at the source.”</p><div class="show@md"> <div class="grid grid--cols-10@md grid--cols-8@lg"> <div class="col-12 col-10@md col-6@lg col-start-3@lg"> <div class="advert advert--bleed-right"> <div class="advert__container"> <div class="advert__content"> <div class="ad page-ad has-ad-prefix ad-article" data-ad-template="article" data-ofp="false"></div> </div> </div> </div> </div> </div> </div></div></div></div></div> </div> </div> </div>  <div id="rightrail-wrapper" class="col-12 col-10@md col-3@lg col-start-10@lg"> <div class="article__side"> <div class="show@lg rightTrailAd"> <div class="advert advert--bleed-left"> <div class="advert__container"> <div class="advert__content"> <div class="ad has-rendered has-loaded"> <div class="ad page-ad ad-topimu" data-ad-template="topimu" data-ofp="false"></div> </div> </div> </div> </div> </div> <aside class="related-content-small"> <h2 class="related-content-small__title">Related content</h2> <div class="related-content-small__cards"> <div id="nativocardrightrail-1" class="nativo"></div> <article class="related-content-small__card" role="article" itemscope itemtype="https://schema.org/Article" aria-labelledby="related-content-3819136"> <a class="card" href="https://www.csoonline.com/article/3819136/how-to-evaluate-and-mitigate-risks-to-the-global-supply-chain.html" rel="noreferrer" aria-label="Read more: How to evaluate and mitigate risks to the global supply chain"> <header class="card__header"> <span class="card__content-type">Feature</span> </header> <h3 class="card__title" id="related-content-3819136" itemprop="headline">How to evaluate and mitigate risks to the global supply chain</h3> <section class="card__info"> <span itemprop="author" itemscope itemtype="https://schema.org/Person"> By <span itemprop="name">Jaikumar Vijayan</span> </span> </section> <section class="card__info card__info--light"> <span itemprop="datePublished" content="2025-02-17T00:00:00+00:00"> 17 Feb 2025 </span> <span> <span>7 mins</span> </span> </section> <footer class="card__tags"> <span class="card__tag"><span class="tag" itemprop="keywords"> Cyberattacks </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Risk Management </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Supply Chain </span></span> </footer> </a> </article> <article class="related-content-small__card" role="article" itemscope itemtype="https://schema.org/Article" aria-labelledby="related-content-3825372"> <a class="card" href="https://www.networkworld.com/article/3825364/palo-alto-networks-firewall-bug-being-exploited-by-threat-actors-report.html" rel="noreferrer" aria-label="Read more: Palo Alto Networks firewall bug being exploited by threat actors: Report"> <header class="card__header"> <span class="card__content-type">News</span> </header> <h3 class="card__title" id="related-content-3825372" itemprop="headline">Palo Alto Networks firewall bug being exploited by threat actors: Report</h3> <section class="card__info"> <span itemprop="author" itemscope itemtype="https://schema.org/Person"> By <span itemprop="name">Howard Solomon</span> </span> </section> <section class="card__info card__info--light"> <span itemprop="datePublished" content="2025-02-14T00:00:00+00:00"> 14 Feb 2025 </span> <span> <span>1 min</span> </span> </section> <footer class="card__tags"> <span class="card__tag"><span class="tag" itemprop="keywords"> Network Security </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Vulnerabilities </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Zero-day vulnerability </span></span> </footer> </a> </article> <article class="related-content-small__card" role="article" itemscope itemtype="https://schema.org/Article" aria-labelledby="related-content-3825098"> <a class="card" href="https://www.csoonline.com/article/3825098/whoami-name-confusion-attacks-can-hack-into-aws-accounts-for-code-execution.html" rel="noreferrer" aria-label="Read more: whoAMI name confusion attacks can expose AWS accounts to malicious code execution"> <header class="card__header"> <span class="card__content-type">News</span> </header> <h3 class="card__title" id="related-content-3825098" itemprop="headline">whoAMI name confusion attacks can expose AWS accounts to malicious code execution</h3> <section class="card__info"> <span itemprop="author" itemscope itemtype="https://schema.org/Person"> By <span itemprop="name">Shweta Sharma</span> </span> </section> <section class="card__info card__info--light"> <span itemprop="datePublished" content="2025-02-14T00:00:00+00:00"> 14 Feb 2025 </span> <span> <span>3 mins</span> </span> </section> <footer class="card__tags"> <span class="card__tag"><span class="tag" itemprop="keywords"> Cloud Security </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Cyberattacks </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Security </span></span> </footer> </a> </article> <article class="related-content-small__card" role="article" itemscope itemtype="https://schema.org/Article" aria-labelledby="related-content-3824564"> <a class="card" href="https://www.csoonline.com/article/3824564/postgresql-patches-sqli-vulnerability-likely-exploited-in-beyondtrust-attacks.html" rel="noreferrer" aria-label="Read more: PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks"> <header class="card__header"> <span class="card__content-type">News Analysis</span> </header> <h3 class="card__title" id="related-content-3824564" itemprop="headline">PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks</h3> <section class="card__info"> <span itemprop="author" itemscope itemtype="https://schema.org/Person"> By <span itemprop="name">Lucian Constantin</span> </span> </section> <section class="card__info card__info--light"> <span itemprop="datePublished" content="2025-02-13T00:00:00+00:00"> 13 Feb 2025 </span> <span> <span>5 mins</span> </span> </section> <footer class="card__tags"> <span class="card__tag"><span class="tag" itemprop="keywords"> Data and Information Security </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Vulnerabilities </span></span> <span class="card__tag"><span class="tag" itemprop="keywords"> Zero-day vulnerability </span></span> </footer> </a> </article> </div> <nav aria-labelledby="related-content-nav"> <h2 id="related-content-nav" class="sr-only">Other Sections</h2> <ul class="related-content-small__link-items"> <li class="related-content-small__link-item"> <a class="related-content-small__link" href="https://www.csoonline.com/asean/podcasts/" aria-label="PODCASTS"> PODCASTS </a> </li> <li class="related-content-small__link-item"> <a class="related-content-small__link" href="https://www.csoonline.com/asean/vidoes/" aria-label="VIDEOS"> VIDEOS </a> </li> <li class="related-content-small__link-item"> <a class="related-content-small__link" href="https://asean.resources.csoonline.com" aria-label="RESOURCES"> RESOURCES </a> </li> <li class="related-content-small__link-item"> <a class="related-content-small__link" href="https://www.csoonline.com/asean/events/" aria-label="EVENTS"> EVENTS </a> </li> <li class="related-content-small__link-item"> <a class="related-content-small__link" href="https://www.csoonline.com/asean/artificial-intelligence/" aria-label="SPOTLIGHT: PRIORITIZING YOUR AI INVESTMENTS"> SPOTLIGHT: PRIORITIZING YOUR AI INVESTMENTS </a> </li> </ul> </nav> </aside> <div class="show@lg rightTrailAd"> <div class="advert advert--bleed-left"> <div class="advert__container"> <div class="advert__content"> <div class="ad has-rendered has-loaded"> <div class="ad page-ad ad-topimu" data-ad-template="topimu" data-ofp="false"></div> </div> </div> </div> </div> </div> <div class="newsletter-subscription-small"> <div class="newsletter-subscription-small__sub-title">SUBSCRIBE TO OUR NEWSLETTER </div> <h3 class="newsletter-subscription-small__title"> From our editors straight to your inbox </h3> <div class="newsletter-subscription-small__text"> Get started by entering your email address below. </div> <div class="newsletter-subscription-small__input-container"> <form method="post" id="rr-single-nl-form"> <input type="hidden" id="newsletter_signup_nonce" name="newsletter_signup_nonce" value="f45325d530" /><input type="hidden" name="_wp_http_referer" value="/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html" /> <div class="newsletter-subscription-small__input"> <div class="email-field"> <input type="email" class="email-field__input" id="rr_nl_user_email" name="rr_nl_user_email" placeholder="Enter your email here" /> <div class="email-field__error-message"> <span>Please enter a valid email address</span> </div> </div> </div> <div class="newsletter-subscription-small__button"> <button class="button" id="rr-single-nl-submit" type="submit" disabled>Subscribe</button> </div> </form> </div> </div> </div> </div>  </div> </section> </article> <div class="author-bio"> <div class="container grid"> <div class="col-12 col-8@md author-bio__content"> <div class="grid grid--cols-8@md author-bio__author"> <div class="col-12 col-8@md col-2@lg"> <div class="author-bio__image"> <div class="image image--rounded image--aspect-ratio-2-3"> <img data-hero alt="lconstantin" src="https://www.csoonline.com/wp-content/uploads/2025/02/945-0-13101500-1739779282-lucian_constantin-100942616-orig.png?w=250" class="author_photo" height="250" width="250" /> </div> </div> </div> <div class="col-12 col-8@md col-6@lg"> <div class="author-bio__details" itemscope itemtype="http://schema.org/Person"> <div class="author-bio__details-top"> <div class="author-bio__author"> <div class="author"> <div class="author__content"> <div class="author__name" itemprop="name"> by <a href="https://www.csoonline.com/profile/lucian-constantin/" itemprop="url" aria-label="Author profile"> Lucian Constantin </a> </div> <div class="author__info"> <span itemprop="jobTitle">CSO Senior Writer</span> </div> </div> </div> </div> <div class="author-bio__social"> <ol> <li><a href="https://www.twitter.com/lconstantin" aria-label="Follow Lucian Constantin on X" target="_blank" rel="noreferrer noopener"> <i class="icon-x"><svg aria-hidden="true"><use xlink:href="#icon-x"></use></svg></i> <span class="sr-only">Follow Lucian Constantin on X</span> </a></li><li><a href="https://www.linkedin.com/in/lconstantin" aria-label="Follow Lucian Constantin on LinkedIn" target="_blank" rel="noreferrer noopener"> <i class="icon-linkedin"><svg aria-hidden="true"><use xlink:href="#icon-linkedin"></use></svg></i> <span class="sr-only">Follow Lucian Constantin on LinkedIn</span> </a></li> </ol> </div> </div> <div class="author-bio__bio"> <p itemprop="description">Lucian Constantin writes about information security, privacy, and data protection for CSO.</p> </div> <details class="accordion" data-accordion-enabled="mobile,desktop" data-accordion-expanded=""> <summary data-accordion-summary class="accordion__summary"> <div class="accordion__title"> <h2 class="author-bio__cards-title">More from this author</h2> </div> <div class="accordion__icon"> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"> <use xlink:href="#icon-circle-chevron-down"></use> </svg> </div> </summary> <div class="accordion__content" data-accordion-content> <div class="author-bio__cards-container"> <ul class="author-bio__cards"><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3825444/ransomware-gangs-extort-victims-17-hours-after-intrusion-on-average.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news</span></div><h3 class="card__title"><span>Ransomware gangs extort victims 17 hours after intrusion on average</span></h3> <div class="card__info card__info--light"><span>17 Feb 2025 </span><span>5 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3824177/unusual-attack-linked-to-chinese-apt-group-combines-espionage-and-ransomware.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news analysis</span></div><h3 class="card__title"><span>Unusual attack linked to Chinese APT group combines espionage and ransomware</span></h3> <div class="card__info card__info--light"><span>13 Feb 2025 </span><span>6 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3822338/authorities-seize-phobos-and-8base-ransomware-servers-arrest-4-suspects.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news</span></div><h3 class="card__title"><span>Authorities seize Phobos and 8Base ransomware servers, arrest 4 suspects</span></h3> <div class="card__info card__info--light"><span>11 Feb 2025 </span><span>3 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3819920/attackers-hide-malicious-code-in-hugging-face-ai-model-pickle-files.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news</span></div><h3 class="card__title"><span>Attackers hide malicious code in Hugging Face AI model Pickle files</span></h3> <div class="card__info card__info--light"><span>07 Feb 2025 </span><span>5 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3816939/abandoned-aws-s3-buckets-open-door-to-remote-code-execution-and-supply-chain-compromises.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news analysis</span></div><h3 class="card__title"><span>Abandoned AWS S3 buckets open door to remote code execution, supply-chain compromises</span></h3> <div class="card__info card__info--light"><span>04 Feb 2025 </span><span>9 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3814810/backdoor-in-chinese-made-healthcare-monitoring-device-leaks-patient-data.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news</span></div><h3 class="card__title"><span>Backdoor in Chinese-made healthcare monitoring device leaks patient data</span></h3> <div class="card__info card__info--light"><span>31 Jan 2025 </span><span>5 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3813642/north-korean-hackers-impersonated-recruiters-to-steal-credentials-from-over-1500-developer-systems.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news analysis</span></div><h3 class="card__title"><span>North Korean hackers impersonated recruiters to steal credentials from over 1,500 developer systems</span></h3> <div class="card__info card__info--light"><span>30 Jan 2025 </span><span>4 mins</span></div></a></li><li class="author-bio__card"><a class="card" href="https://www.csoonline.com/article/3811814/cisa-warns-of-critical-high-risk-flaws-in-ics-products-from-four-vendors.html" rel="noreferrer" aria-label="Go to content" itemprop="url"><div class="card__header"><span class="card__content-type">news</span></div><h3 class="card__title"><span>CISA warns of critical, high-risk flaws in ICS products from four vendors</span></h3> <div class="card__info card__info--light"><span>28 Jan 2025 </span><span>4 mins</span></div></a></li></ul> </div> </div> </details> </div> </div> </div> </div> </div> </div> <script> function redirectURL(redirecturl) { if (redirecturl) { window.location = redirecturl; } } </script> <div class="ad ad-bottomleaderboard advert--bg-cso-gray" data-ad-template="bottomleaderboard" data-ofp="false"></div><section class="suggested-content-various"><div class="container"><div class="grid suggested-content-various__content"><div class="col-12 col-3@lg"> <h2 class="suggested-content-various__title">Show me more</h2><div class="suggested-content-various__filters"><span class="suggested-content-various__filter"><button class="chip chip--filter chip--active" type="button" data-filter-key="latest">Popular</button></span><span class="suggested-content-various__filter"><button class="chip chip--filter" type="button" data-filter-key="article">Articles</button></span><span class="suggested-content-various__filter"><button class="chip chip--filter" type="button" data-filter-key="podcast">Podcasts</button></span><span class="suggested-content-various__filter"><button class="chip chip--filter" type="button" data-filter-key="video">Videos</button></span></div> </div><div class="col-12 col-9@lg suggested-content-various__items-wrap"><div class="grid grid--cols-9@lg suggested-content-various__items"><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" latest,article"><a class="suggested-content-various__link" href="https://www.csoonline.com/article/3825425/ciso-success-story-how-la-county-trains-and-retrains-workers-to-fight-phishing.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">brandpost</span> <span class="card__sponsor-text">Sponsored by Tanium</span></div> <h3 class="card__title">CISO success story: How LA County trains (and retrains) workers to fight phishing</h3> <div class="card__info"><span>By David Rand</span></div><div class="card__info card__info--light"> <span>14 Feb 2025</span><span>9 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Security</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2025/02/3825425-0-18921300-1739572882-shutterstock_2463474777.jpg?quality=50&strip=all&w=375" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" article"><a class="suggested-content-various__link" href="https://www.csoonline.com/article/3822459/what-is-anomaly-detection-behavior-based-analysis-for-cyber-threats.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">feature</span> </div> <h3 class="card__title">What is anomaly detection? Behavior-based analysis for cyber threats</h3> <div class="card__info"><span>By Cynthia Brumfield</span></div><div class="card__info card__info--light"> <span>14 Feb 2025</span><span>8 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Incident Response</span></span><span class="card__tag"><span class="tag">Intrusion Detection Software</span></span><span class="card__tag"><span class="tag">Threat and Vulnerability Management</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2025/02/3822459-0-16729000-1739553437-shutterstock_2136788219.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" article"><a class="suggested-content-various__link" href="https://www.csoonline.com/article/3824422/dlp-solutions-vs-todays-cyberthreats-the-urgent-need-for-modern-solutions.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">brandpost</span> <span class="card__sponsor-text">Sponsored by Fortinet</span></div> <h3 class="card__title">DLP solutions vs today’s cyberthreats: The urgent need for modern solutions</h3> <div class="card__info"><span>By David Lorti, Director of Product Marketing, Fortinet</span></div><div class="card__info card__info--light"> <span>13 Feb 2025</span><span>7 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Security</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2025/02/3824422-0-68429400-1739487510-shutterstock_2418299973-1.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" latest,podcast"><a class="suggested-content-various__link" href="https://www.csoonline.com/podcast/3823540/cso-executive-sessions-how-cybersecurity-impacts-company-ratings-a-fey-factor-for-investors-and-consumers.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">podcast</span> </div> <h3 class="card__title">CSO Executive Sessions: How cybersecurity impacts company ratings - A fey factor for investors and consumers</h3> <div class="card__info"><span></span></div><div class="card__info card__info--light"> <span>12 Feb 2025</span><span>27 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Security</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2025/02/0-79893900-1739420575-martin-thumb-16x9-1.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" podcast"><a class="suggested-content-various__link" href="https://www.csoonline.com/podcast/3484298/cso-executive-sessions-guardians-of-the-games-how-to-keep-the-olympics-and-other-major-events-cyber-safe.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">podcast</span> </div> <h3 class="card__title">CSO Executive Sessions: Guardians of the Games - How to keep the Olympics and other major events cyber safe</h3> <div class="card__info"><span></span></div><div class="card__info card__info--light"> <span>07 Aug 2024</span><span>17 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">CSO and CISO</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2024/08/0-17938700-1723054243-bryan-thumb-16x9-1.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" podcast"><a class="suggested-content-various__link" href="https://www.csoonline.com/podcast/2518505/cso-executive-session-india-with-dr-susil-kumar-meher-head-health-it-aiims-new-delhi.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">podcast</span> </div> <h3 class="card__title">CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)</h3> <div class="card__info"><span></span></div><div class="card__info card__info--light"> <span>17 Jul 2024</span><span>17 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">CSO and CISO</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2024/07/0-24154400-1721221590-CSO_ExecSessions_India_Susil-Meher.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" latest,video"><a class="suggested-content-various__link" href="https://www.csoonline.com/video/3823524/cso-executive-sessions-how-cybersecurity-impacts-company-ratings-a-fey-factor-for-investors-and-consumers.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">video</span> </div> <h3 class="card__title">CSO Executive Sessions: How cybersecurity impacts company ratings - A fey factor for investors and consumers</h3> <div class="card__info"><span></span></div><div class="card__info card__info--light"> <span>12 Feb 2025</span><span>27 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Security</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2025/02/3823524-0-28652000-1739418932-martin-thumb-16x9-1.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" video"><a class="suggested-content-various__link" href="https://www.csoonline.com/video/3810004/cso-executive-sessions-how-should-software-solution-providers-keep-themselves-and-their-enterprise-clients-safe.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">video</span> </div> <h3 class="card__title">CSO Executive Sessions: How should software solution providers keep themselves and their enterprise clients safe?</h3> <div class="card__info"><span></span></div><div class="card__info card__info--light"> <span>26 Jan 2025</span><span>18 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Security</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2025/01/3810004-0-29038100-1737952377-CSO-John-Qian-thumb-16x9-1.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div><div class="col-4@md col-3@lg suggested-content-various__item suggested-content-various__item--active" data-filter-value=" video"><a class="suggested-content-various__link" href="https://www.csoonline.com/video/3604971/cso-executive-sessions-open-source-institutes-eric-nguyen-on-supply-chain-risks-to-critical-infrastructure-part-2.html" aria-label="Go to content"><div class="card"> <div class="card__header"> <span class="card__content-type">video</span> </div> <h3 class="card__title">CSO Executive Sessions: Open Source Institute鈥檚 Eric Nguyen on supply chain risks to critical infrastructure (Part 2)</h3> <div class="card__info"><span></span></div><div class="card__info card__info--light"> <span>14 Nov 2024</span><span>15 mins</span></div> <div class="card__tags"><span class="card__tag"><span class="tag">Critical Infrastructure</span></span><span class="card__tag"><span class="tag">IT Governance</span></span><span class="card__tag"><span class="tag">Supply Chain</span></span></div></div> <div class="image"><img src="https://www.csoonline.com/wp-content/uploads/2024/11/3604971-0-56447300-1731573422-eric-thumb-16x9-1.jpg?quality=50&strip=all&w=444" alt="Image" /></div> </a> </div></div></div></div></div></section> </main> <div class="OUTBRAIN" data-src="https://www.csoonline.com/article/568967/apis-are-becoming-a-major-target-for-credential-stuffing-attacks.html" data-widget-id=""></div><svg style="position: absolute; width: 0; height: 0; overflow: hidden;" aria-hidden="true" xmlns="http://www.w3.org/2000/svg"> <defs> <symbol id="logo-foundry" viewBox="0 0 156 57"> <path d="M1.367 47.258v7.355h.912v-3.31h2.646v-.735H2.28v-2.62h3.376v-.69H1.367ZM6.113 51.99V51.9c0-1.61 1.14-2.758 2.646-2.758 1.505 0 2.646 1.149 2.646 2.758v.092c0 1.654-1.14 2.758-2.646 2.758-1.551-.046-2.646-1.196-2.646-2.758Zm4.38 0V51.9c0-1.241-.685-2.069-1.734-2.069-1.095 0-1.733.828-1.733 2.069v.092c0 1.24.684 2.022 1.733 2.022s1.733-.827 1.733-2.022ZM12.727 49.233h.866v.965c.32-.598.821-1.011 1.78-1.057v.827c-1.096.046-1.78.414-1.78 1.747v2.988h-.866v-5.47ZM16.557 49.233h.867v.827c.228-.506.821-.92 1.596-.92.685 0 1.278.276 1.551 1.012.365-.69 1.186-1.011 1.825-1.011.958 0 1.825.597 1.825 2.16v3.356h-.867v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-5.424h.045ZM25.5 51.99V51.9c0-1.655 1.05-2.758 2.509-2.758 1.231 0 2.417.735 2.417 2.666v.276h-4.06c.046 1.24.64 1.93 1.734 1.93.821 0 1.323-.322 1.414-.92h.867c-.183 1.104-1.095 1.656-2.281 1.656-1.505-.046-2.6-1.104-2.6-2.758Zm4.06-.597c-.092-1.103-.639-1.563-1.551-1.563-.867 0-1.46.598-1.597 1.563h3.148ZM31.746 49.233h.867v.965c.32-.598.82-1.011 1.779-1.057v.827c-1.095.046-1.78.414-1.78 1.747v2.988h-.866v-5.47ZM36.492 46.61h-.867v7.998h.867v-7.999ZM39.731 54.061l-2.098-4.827h.912l1.642 3.862 1.46-3.862h.867l-2.965 7.263h-.822l1.004-2.436ZM47.483 47.258h-.913v7.4h.913v-7.4ZM49.355 47.258h1.962c2.509 0 3.695 1.563 3.695 3.631v.092c0 2.069-1.186 3.678-3.74 3.678h-1.916v-7.401Zm1.916 6.62c1.87 0 2.828-1.15 2.828-2.943v-.092c0-1.7-.82-2.896-2.828-2.896h-1.003v5.93h1.003ZM56.152 50.978v-.092c0-2.16 1.46-3.769 3.558-3.769 1.46 0 2.783.69 2.965 2.345h-.912c-.228-1.196-1.004-1.655-2.053-1.655-1.688 0-2.645 1.24-2.645 3.034v.091c0 1.84.912 3.034 2.645 3.034 1.597 0 2.28-1.057 2.327-2.344h-2.144v-.736h3.01v.552c0 2.16-1.323 3.264-3.193 3.264-2.235 0-3.558-1.563-3.558-3.724ZM66.734 50.978v-.092c0-2.206 1.46-3.769 3.467-3.769 1.55 0 2.828.828 2.965 2.437h-.867c-.182-1.15-.82-1.701-2.098-1.701-1.505 0-2.554 1.195-2.554 3.033v.092c0 1.885.957 3.034 2.508 3.034 1.186 0 2.053-.597 2.236-1.792h.82c-.273 1.7-1.413 2.528-3.056 2.528-2.098-.046-3.42-1.517-3.42-3.77ZM74.031 51.99V51.9c0-1.61 1.14-2.758 2.646-2.758 1.505 0 2.645 1.149 2.645 2.758v.092c0 1.654-1.14 2.758-2.645 2.758-1.551-.046-2.646-1.196-2.646-2.758Zm4.425 0V51.9c0-1.241-.684-2.069-1.734-2.069-1.094 0-1.733.828-1.733 2.069v.092c0 1.24.684 2.022 1.733 2.022 1.05 0 1.734-.827 1.734-2.022ZM80.647 49.233h.867v.827c.228-.506.82-.92 1.596-.92.684 0 1.278.276 1.551 1.012.365-.69 1.186-1.011 1.825-1.011.958 0 1.824.597 1.824 2.16v3.356h-.866v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-5.424h.045ZM89.995 49.233h.867v.827c.228-.506.82-.92 1.596-.92.684 0 1.277.276 1.55 1.012.366-.69 1.187-1.011 1.825-1.011.958 0 1.825.597 1.825 2.16v3.356h-.867v-3.402c0-.965-.41-1.333-1.14-1.333-.684 0-1.414.46-1.414 1.425v3.31h-.867v-3.402c0-.965-.41-1.333-1.14-1.333-.684 0-1.414.46-1.414 1.425v3.31h-.867v-5.424h.046ZM99.258 52.636v-3.402h.866v3.402c0 .965.411 1.379 1.232 1.379.776 0 1.46-.506 1.46-1.47V49.28h.866v5.425h-.866v-.92c-.228.506-.821.966-1.688.966-1.049-.046-1.87-.598-1.87-2.115ZM105.413 49.233h.866v.873c.229-.506.822-.965 1.734-.965 1.095 0 1.87.597 1.87 2.16v3.31h-.867v-3.402c0-.965-.41-1.379-1.277-1.379-.775 0-1.505.506-1.505 1.471v3.264h-.867v-5.332h.046ZM111.434 46.567c0-.322.273-.551.547-.551.319 0 .547.275.547.551a.556.556 0 0 1-.547.552.529.529 0 0 1-.547-.552Zm.136 2.666h.867v5.425h-.867v-5.425ZM113.762 51.99V51.9c0-1.655 1.186-2.758 2.6-2.758 1.14 0 2.144.505 2.326 1.884h-.821c-.137-.873-.73-1.195-1.505-1.195-.958 0-1.734.782-1.734 2.069v.092c0 1.333.73 2.022 1.734 2.022.775 0 1.459-.46 1.551-1.333h.775c-.091 1.15-1.049 2.023-2.326 2.023-1.46 0-2.6-1.058-2.6-2.712ZM119.602 53.139c0-1.241 1.322-1.655 2.691-1.655h.775v-.414c0-.873-.319-1.24-1.14-1.24-.73 0-1.14.321-1.232.965h-.866c.091-1.242 1.094-1.701 2.143-1.701 1.05 0 1.962.413 1.962 1.93v3.586h-.867v-.69c-.41.506-.866.782-1.687.782-1.004 0-1.779-.46-1.779-1.563Zm3.466-.414v-.69h-.73c-1.094 0-1.87.277-1.87 1.058 0 .552.274.92 1.004.92.866.045 1.596-.46 1.596-1.288ZM125.76 53.279v-3.31h-.776v-.736h.776v-1.24h.866v1.24h1.232v.736h-1.232v3.264c0 .505.229.781.685.781.273 0 .456-.046.638-.092v.736a2.563 2.563 0 0 1-.73.091c-1.003-.046-1.459-.643-1.459-1.47ZM129.086 46.567c0-.322.274-.551.547-.551.274 0 .548.275.548.551a.557.557 0 0 1-.548.552.557.557 0 0 1-.547-.552Zm.137 2.666h.866v5.425h-.866v-5.425ZM131.414 51.99V51.9c0-1.61 1.14-2.758 2.646-2.758 1.505 0 2.645 1.149 2.645 2.758v.092c0 1.654-1.14 2.758-2.645 2.758-1.551-.046-2.646-1.196-2.646-2.758Zm4.425 0V51.9c0-1.241-.685-2.069-1.734-2.069-1.094 0-1.733.828-1.733 2.069v.092c0 1.24.684 2.022 1.733 2.022s1.734-.827 1.734-2.022ZM138.03 49.233h.867v.873c.228-.506.821-.965 1.733-.965 1.095 0 1.87.597 1.87 2.16v3.31h-.867v-3.402c0-.965-.41-1.379-1.277-1.379-.775 0-1.505.506-1.505 1.471v3.264h-.867v-5.332h.046ZM143.73 52.955h.822c.045.644.41 1.057 1.277 1.057.821 0 1.186-.276 1.186-.873 0-.552-.411-.736-1.232-.92-1.414-.275-1.87-.643-1.87-1.608 0-1.012.958-1.517 1.824-1.517.958 0 1.779.413 1.962 1.563h-.821c-.137-.598-.456-.828-1.141-.828-.593 0-1.003.322-1.003.782 0 .505.274.69 1.232.873 1.094.184 1.87.46 1.87 1.609 0 .965-.684 1.655-1.962 1.655-1.322-.046-2.098-.69-2.144-1.793ZM77.225.508c2.874 0 4.562 1.884 4.562 4.597 0 2.666-1.688 4.596-4.562 4.596-2.873 0-4.56-1.93-4.56-4.596 0-2.713 1.641-4.597 4.56-4.597ZM65.047 12.227h-6.25V26.43c0 1.103-.09 2.022-.364 2.758-.639 1.517-2.098 2.114-3.376 2.114-1.505 0-2.919-.551-3.558-2.114-.319-.736-.364-1.655-.364-2.758V12.227H44.84v14.571c0 1.885.182 3.54.775 4.873 1.551 3.585 4.835 5.47 9.442 5.47 4.425 0 7.71-1.885 9.26-5.47.593-1.38.776-2.988.776-4.873V12.227h-.046ZM86.756 17.149c-1.55-3.586-4.835-5.516-9.533-5.516-4.698 0-7.983 1.93-9.534 5.516-.592 1.379-.775 2.988-.775 4.872v14.664h6.25V22.527c0-1.103.09-2.022.364-2.758.639-1.517 2.098-2.252 3.695-2.252 1.596 0 3.01.69 3.695 2.252.319.736.364 1.655.364 2.758v14.204h6.25V22.067c0-1.884-.183-3.539-.776-4.918ZM137.802 12.227h-6.888l8.621 15.858v8.596h6.386v-8.596l8.712-15.858h-6.614l-5.154 9.56-5.063-9.56ZM18.746 12.227H1.367V36.68h6.25v-8.274H17.97v-5.654H7.616v-4.826h11.13v-5.7ZM125.893 36.681h6.66l-3.74-9.01c2.28-1.47 3.603-3.906 3.603-7.124 0-5.195-3.466-8.32-8.119-8.32h-11.586V36.68h6.249V28.96h3.923l3.01 7.722Zm-3.01-19.03c2.326 0 3.33 1.195 3.33 2.896 0 1.838-1.004 2.942-3.33 2.942h-3.923V17.65h3.923ZM99.03 36.681c7.982 0 12.087-4.734 12.087-12.227 0-7.4-4.607-12.227-12.498-12.227h-8.986V36.68h9.396Zm-3.148-18.938h2.6c4.06 0 6.249 2.344 6.249 6.711 0 4.459-2.189 6.711-6.25 6.711h-2.6V17.743ZM19.797 24.452c0 7.355 4.379 12.733 11.677 12.733 7.162 0 11.632-5.24 11.632-12.733 0-7.31-4.334-12.733-11.632-12.733-7.116 0-11.677 5.332-11.677 12.733Zm6.386-.184c0-4.137 2.098-6.803 5.474-6.803 3.101 0 5.2 2.712 5.2 7.17 0 4.046-2.099 6.804-5.383 6.804-3.239 0-5.291-2.758-5.291-7.171Z" fill="currentColor" /> </symbol> <symbol id="icon-video" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M4 6.5h16a.5.5 0 0 1 .5.5v10a.5.5 0 0 1-.5.5H4a.5.5 0 0 1-.5-.5V7a.5.5 0 0 1 .5-.5ZM2 7a2 2 0 0 1 2-2h16a2 2 0 0 1 2 2v10a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V7Zm11.57 5.857L10 15V9l3.57 2.143a1 1 0 0 1 0 1.714Z" fill="currentColor" /> </symbol> <symbol id="icon-user" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M12 4.5c.925 0 1.512.293 1.87.66.363.375.63.974.63 1.84 0 .84-.264 1.444-.634 1.829-.363.375-.952.671-1.866.671-.914 0-1.503-.296-1.866-.671C9.764 8.444 9.5 7.84 9.5 7c0-.877.263-1.474.62-1.844.348-.36.93-.656 1.88-.656ZM12 3c2.52 0 4 1.64 4 4 0 2.32-1.48 4-4 4S8 9.32 8 7c0-2.36 1.44-4 4-4Zm4.814 13.275C15.772 15.203 14.184 14.5 12 14.5c-2.23 0-3.812.706-4.84 1.771C6.123 17.346 5.5 18.943 5.5 21H4c0-4.72 2.88-8 8-8 5.04 0 8 3.28 8 8h-1.5c0-2.046-.637-3.645-1.686-4.725Z" fill="currentColor" /> </symbol> <symbol id="icon-apple-podcasts" viewBox="0 0 24 24"> <path d="M11.432 20.546c-.681-.244-.827-.575-1.107-2.515-.324-2.255-.395-3.65-.207-4.093.25-.586.927-.919 1.873-.922.94-.004 1.624.332 1.874.922.189.441.118 1.838-.207 4.093-.221 1.575-.342 1.974-.647 2.241-.418.37-1.012.473-1.575.274h-.004Zm-2.91-2.314c-2.351-1.157-3.858-3.114-4.406-5.718-.137-.673-.16-2.275-.03-2.893.342-1.655.997-2.95 2.085-4.094C7.739 3.874 9.756 3 12 3c2.222 0 4.231.858 5.761 2.461 1.164 1.21 1.819 2.491 2.154 4.179.114.561.114 2.092.007 2.724a8.091 8.091 0 0 1-3.082 5.04c-.58.437-1.994 1.2-2.222 1.2-.084 0-.092-.087-.053-.438.068-.563.136-.68.456-.814.51-.213 1.378-.831 1.91-1.366a7.27 7.27 0 0 0 1.91-3.363c.198-.784.176-2.527-.044-3.334-.695-2.567-2.787-4.56-5.351-5.093-.746-.153-2.101-.153-2.855 0-2.595.532-4.741 2.625-5.397 5.258-.175.714-.175 2.459 0 3.174.434 1.743 1.561 3.341 3.037 4.293.25.167.512.317.784.449.32.137.388.25.448.814.038.342.03.441-.053.441-.053 0-.441-.167-.852-.365l-.036-.028Zm.031-3.095c-.792-.632-1.491-1.752-1.78-2.851-.176-.664-.176-1.926.007-2.587.48-1.787 1.796-3.172 3.622-3.823.625-.22 2.008-.268 2.778-.1 2.648.588 4.529 3.24 4.165 5.871-.145 1.06-.51 1.931-1.157 2.74-.32.409-1.096 1.095-1.233 1.095-.022 0-.044-.26-.044-.575v-.573l.396-.472c1.492-1.787 1.385-4.282-.244-5.921-.631-.637-1.362-1.012-2.306-1.185-.609-.113-.738-.113-1.377-.007-.97.158-1.722.535-2.39 1.194-1.64 1.618-1.746 4.129-.254 5.917l.393.474v.58c0 .32-.026.58-.057.58-.031 0-.251-.152-.487-.343l-.032-.014Zm2.64-3.107c-.676-.316-1.042-.91-1.05-1.685 0-.696.389-1.304 1.058-1.66.427-.222 1.18-.222 1.606 0 .473.256.828.686.99 1.199.441 1.5-1.15 2.816-2.588 2.144l-.015.002Z" fill="currentColor" /> <path d="M12.114 12.325a1.898 1.898 0 1 0 0-3.795 1.898 1.898 0 0 0 0 3.796ZM12.298 13.06c.215.025.428.068.635.13a2.3 2.3 0 0 1 .636.318c.168.121.29.248.366.401.076.153.114.336.137.636.015.3.015.713-.053 1.491a53.146 53.146 0 0 1-.313 2.636c-.106.726-.182 1.05-.281 1.286a1.152 1.152 0 0 1-.845.738 1.83 1.83 0 0 1-.441.038 1.893 1.893 0 0 1-.442-.038c-.174-.038-.401-.106-.57-.243-.176-.137-.29-.335-.381-.594-.091-.259-.16-.57-.251-1.195a66.213 66.213 0 0 1-.29-2.26 18.148 18.148 0 0 1-.112-1.522c-.006-.328.008-.491.044-.647.036-.15.098-.291.183-.419a1.389 1.389 0 0 1 .661-.504c.157-.06.32-.106.485-.137.197-.038.426-.075.543-.091a.596.596 0 0 1 .248 0l.04-.024Z" fill="currentColor" /> </symbol> <symbol id="icon-arrow-up-right-from-square" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="m19.19 3.75-9.72 9.72-.53.53L10 15.06l.53-.53 9.72-9.72v4.94h1.5V3a.747.747 0 0 0-.75-.75h-6.75v1.5h4.94ZM4 5.75a.25.25 0 0 0-.25.25v14c0 .138.112.25.25.25h14a.25.25 0 0 0 .25-.25V11.717h1.5V20A1.75 1.75 0 0 1 18 21.75H4A1.75 1.75 0 0 1 2.25 20V6c0-.966.784-1.75 1.75-1.75H12.283v1.5H4Z" fill="currentColor" /> </symbol> <symbol id="icon-calendar" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M20 5.5H4a.5.5 0 0 0-.5.5v2.25h17V6a.5.5 0 0 0-.5-.5ZM3.5 18V9.75h17V18a.5.5 0 0 1-.5.5H4a.5.5 0 0 1-.5-.5ZM4 4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h16a2 2 0 0 0 2-2V6a2 2 0 0 0-2-2H4Zm5.42 10.292c0 .75.198 1.092.696 1.092.48 0 .666-.354.666-1.098v-.156c0-.75-.198-1.098-.678-1.098-.486 0-.684.348-.684 1.092v.168Zm2.712-.03c0 1.38-.804 2.172-2.058 2.172-1.236 0-2.004-.768-2.004-2.136v-.168c0-1.374.882-2.13 2.028-2.13 1.14 0 2.034.678 2.034 2.1v.162Zm3.254 2.094h-1.362v-2.952l-.792.474V12.75l.984-.684h1.17v4.29Z" fill="currentColor" /> </symbol> <symbol id="icon-caret-down" viewBox="0 0 24 24"> <path d="m6 8 4.3 7.1c.8 1.3 2.7 1.3 3.4 0L18 8H6Z" fill="currentColor" /> </symbol> <symbol id="icon-circle-bars" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M18.287 5.833C16.902 4.408 14.815 3.5 12 3.5c-2.87 0-4.952.91-6.32 2.329C4.303 7.256 3.5 9.353 3.5 12c0 2.58.819 4.684 2.217 6.134C7.107 19.574 9.196 20.5 12 20.5c2.804 0 4.893-.926 6.283-2.366C19.681 16.684 20.5 14.58 20.5 12c0-2.636-.822-4.735-2.213-6.167ZM22 12c0-5.9-3.7-10-10-10C5.6 2 2 6.1 2 12c0 5.8 3.7 10 10 10s10-4.2 10-10ZM7 10.75v-1.5h10v1.5H7Zm0 2.5v1.5h10v-1.5H7Z" fill="currentColor" /> </symbol> <symbol id="icon-circle-chevron-down" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M12 3.5c2.815 0 4.902.908 6.287 2.333C19.678 7.265 20.5 9.364 20.5 12c0 2.58-.819 4.684-2.217 6.134-1.39 1.44-3.479 2.366-6.283 2.366-2.804 0-4.893-.926-6.283-2.366C4.319 16.684 3.5 14.58 3.5 12c0-2.647.803-4.744 2.18-6.171C7.048 4.41 9.13 3.5 12 3.5ZM12 2c6.3 0 10 4.1 10 10 0 5.8-3.7 10-10 10S2 17.8 2 12C2 6.1 5.6 2 12 2ZM8.326 9.97l3.536 3.536a.25.25 0 0 0 .353 0l3.536-3.535 1.06 1.06-3.535 3.536a1.75 1.75 0 0 1-2.475 0L7.266 11.03l1.06-1.06Z" fill="currentColor" /> </symbol> <symbol id="icon-circle-chevron-left" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M12 3.5c2.815 0 4.902.908 6.287 2.333C19.678 7.265 20.5 9.364 20.5 12c0 2.58-.819 4.684-2.217 6.134-1.39 1.44-3.479 2.366-6.283 2.366-2.804 0-4.893-.926-6.283-2.366C4.319 16.684 3.5 14.58 3.5 12c0-2.647.803-4.744 2.18-6.171C7.048 4.41 9.13 3.5 12 3.5ZM12 2c6.3 0 10 4.1 10 10 0 5.8-3.7 10-10 10S2 17.8 2 12C2 6.1 5.6 2 12 2Zm1.773 6.53-3.536 3.536a.25.25 0 0 0 0 .353l3.536 3.536-1.061 1.06-3.536-3.535a1.75 1.75 0 0 1 0-2.475l3.536-3.535 1.06 1.06Z" fill="currentColor" /> </symbol> <symbol id="icon-circle-chevron-right" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M12 3.5c2.815 0 4.902.908 6.287 2.333C19.678 7.265 20.5 9.364 20.5 12c0 2.58-.819 4.684-2.217 6.134-1.39 1.44-3.479 2.366-6.283 2.366-2.804 0-4.893-.926-6.283-2.366C4.319 16.684 3.5 14.58 3.5 12c0-2.647.803-4.744 2.18-6.171C7.048 4.41 9.13 3.5 12 3.5ZM12 2c6.3 0 10 4.1 10 10 0 5.8-3.7 10-10 10S2 17.8 2 12C2 6.1 5.6 2 12 2ZM9.712 8.53l3.535 3.536a.25.25 0 0 1 0 .353l-3.535 3.536 1.06 1.06 3.536-3.535a1.75 1.75 0 0 0 0-2.475L10.773 7.47 9.712 8.53Z" fill="currentColor" /> </symbol> <symbol id="icon-circle-chevron-up" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M12 3.5c2.815 0 4.902.908 6.287 2.333C19.678 7.265 20.5 9.364 20.5 12c0 2.58-.819 4.684-2.217 6.134-1.39 1.44-3.479 2.366-6.283 2.366-2.804 0-4.893-.926-6.283-2.366C4.319 16.684 3.5 14.58 3.5 12c0-2.647.803-4.744 2.18-6.171C7.048 4.41 9.13 3.5 12 3.5ZM12 2c6.3 0 10 4.1 10 10 0 5.8-3.7 10-10 10S2 17.8 2 12C2 6.1 5.6 2 12 2Zm3.752 12.53-3.536-3.536a.25.25 0 0 0-.353 0l-3.536 3.535-1.06-1.06 3.535-3.536a1.75 1.75 0 0 1 2.475 0l3.536 3.536-1.061 1.06Z" fill="currentColor" /> </symbol> <symbol id="icon-circle-xmark" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M18.287 5.833C16.902 4.408 14.815 3.5 12 3.5c-2.87 0-4.952.91-6.32 2.329C4.303 7.256 3.5 9.353 3.5 12c0 2.58.819 4.684 2.217 6.134C7.107 19.574 9.196 20.5 12 20.5c2.804 0 4.893-.926 6.283-2.366C19.681 16.684 20.5 14.58 20.5 12c0-2.636-.822-4.735-2.213-6.167ZM22 12c0-5.9-3.7-10-10-10C5.6 2 2 6.1 2 12c0 5.8 3.7 10 10 10s10-4.2 10-10Zm-9.998-1.069 3-3 1.06 1.061-3 3 3.01 3.009-1.062 1.06-3.008-3.008-3.01 3.01-1.061-1.06 3.01-3.01L7.94 8.99 9 7.93l3.002 3.002Z" fill="currentColor" /> </symbol> <symbol id="icon-chevron-down" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="m11.776 14.42-4.95-4.95-1.06 1.061 4.95 4.95a1.75 1.75 0 0 0 2.474 0l4.95-4.95-1.06-1.06-4.95 4.95a.25.25 0 0 1-.354 0Z" fill="currentColor" /> </symbol> <symbol id="icon-chevron-left" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="m10.08 11.87 4.95-4.95-1.061-1.06-4.95 4.95a1.75 1.75 0 0 0 0 2.474l4.95 4.95 1.06-1.06-4.95-4.95a.25.25 0 0 1 0-.354Z" fill="currentColor" /> </symbol> <symbol id="icon-chevron-right" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="m14.42 12.224-4.95 4.95 1.061 1.06 4.95-4.95a1.75 1.75 0 0 0 0-2.474l-4.95-4.95-1.06 1.06 4.95 4.95a.25.25 0 0 1 0 .354Z" fill="currentColor" /> </symbol> <symbol id="icon-chevron-up" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="m12.13 10.08 4.95 4.95 1.06-1.061-4.95-4.95a1.75 1.75 0 0 0-2.474 0l-4.95 4.95 1.06 1.06 4.95-4.95a.25.25 0 0 1 .354 0Z" fill="currentColor" /> </symbol> <symbol id="icon-globe" viewBox="0 0 24 24"> <path d="M19.4 4.8C17.6 3 15 2 12 2 8.9 2 6.4 3 4.6 4.8 2.9 6.6 2 9 2 12c0 2.9.9 5.4 2.6 7.2C6.4 21 9 22 12 22s5.6-1 7.4-2.8c1.7-1.8 2.6-4.3 2.6-7.2 0-2.9-.9-5.4-2.6-7.2Zm1.1 6.4H17c-.1-2.6-.5-4.8-1.3-6.5-.1-.3-.3-.6-.5-.8 1.2.4 2.2 1 3.1 1.8 1.3 1.5 2 3.3 2.2 5.5ZM12 20.5c-.9 0-1.7-.7-2.3-2-.7-1.4-1.1-3.4-1.2-5.8h7c-.1 2.3-.5 4.4-1.2 5.8-.6 1.3-1.4 2-2.3 2Zm-3.5-9.3c.1-2.3.5-4.3 1.2-5.8.6-1.3 1.4-1.9 2.3-1.9.9 0 1.7.7 2.3 1.9.7 1.4 1.1 3.4 1.2 5.8h-7ZM5.7 5.8C6.5 5 7.5 4.4 8.8 4c-.2.2-.4.5-.5.8-.8 1.6-1.2 3.8-1.3 6.4H3.5c.2-2.2.9-4 2.2-5.4Zm-2.2 6.9H7c.1 2.6.5 4.8 1.3 6.4.2.3.3.6.5.8-1.2-.4-2.2-1-3.1-1.9-1.3-1.2-2-3.1-2.2-5.3Zm14.8 5.4c-.8.9-1.9 1.5-3.1 1.9.2-.2.3-.5.5-.8.8-1.6 1.2-3.8 1.3-6.4h3.5c-.2 2.1-.9 4-2.2 5.3Z" fill="currentColor" /> </symbol> <symbol id="icon-google-podcasts" viewBox="0 0 24 24"> <path d="M12 6.9c-.606 0-1.098-.476-1.098-1.063V4.562c0-.587.492-1.062 1.098-1.062.606 0 1.098.475 1.098 1.062v1.275c0 .587-.492 1.062-1.098 1.062ZM12 15.826c-.606 0-1.098-.476-1.098-1.063V9.24c0-.587.492-1.062 1.098-1.062.606 0 1.098.475 1.098 1.062v5.524c0 .587-.492 1.063-1.098 1.063ZM10.902 19.438c0 .587.492 1.062 1.098 1.062.606 0 1.098-.476 1.098-1.062v-1.275c0-.587-.492-1.063-1.098-1.063-.606 0-1.098.476-1.098 1.063v1.275ZM8.049 17.098c-.607 0-1.098-.476-1.098-1.063v-1.274c0-.587.491-1.063 1.098-1.063.606 0 1.097.476 1.097 1.063v1.274c0 .587-.49 1.063-1.097 1.063ZM14.854 9.24c0 .586.49 1.062 1.097 1.062s1.098-.476 1.098-1.063V7.964c0-.586-.491-1.062-1.098-1.062-.606 0-1.097.476-1.097 1.062V9.24ZM8.049 12.429c-.607 0-1.098-.476-1.098-1.062V7.542c0-.587.491-1.062 1.098-1.062.606 0 1.097.475 1.097 1.062v3.825c0 .586-.49 1.062-1.097 1.062ZM14.854 16.466c0 .587.49 1.062 1.097 1.062s1.098-.475 1.098-1.062V12.64c0-.586-.491-1.062-1.098-1.062-.606 0-1.097.476-1.097 1.062v3.825ZM4.098 13.704C3.49 13.704 3 13.228 3 12.64v-1.274c0-.587.491-1.063 1.098-1.063.606 0 1.097.476 1.097 1.063v1.274c0 .587-.491 1.063-1.097 1.063ZM18.805 12.641c0 .587.491 1.063 1.097 1.063.607 0 1.098-.476 1.098-1.063v-1.274c0-.587-.491-1.063-1.098-1.063-.606 0-1.097.476-1.097 1.063v1.274Z" fill="currentColor" /> </symbol> <symbol id="icon-layer-group" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="m6.09 7.984 5.672 3.166a.5.5 0 0 0 .486 0l5.665-3.132-5.672-3.166a.5.5 0 0 0-.485 0L6.09 7.983Zm-1.546.855 6.487 3.62a2 2 0 0 0 1.943.005l6.482-3.585.055-.03.703-.389a.5.5 0 0 0 .002-.874l-.702-.392-.054-.03-6.488-3.621a2 2 0 0 0-1.942-.004L4.548 7.123l-.055.03-.704.39a.5.5 0 0 0-.001.873l.701.392.055.03Zm2.254 6.758-1.543-.861-.706.39-.055.03-.703.39a.5.5 0 0 0-.002.873l.702.392.054.03h.001l6.487 3.621a2 2 0 0 0 1.942.004l6.482-3.584.055-.03.704-.39a.5.5 0 0 0 .002-.873l-.702-.392-.055-.03-.711-.398-1.546.855.71.397-5.665 3.133a.5.5 0 0 1-.485-.001l-5.672-3.166.706-.39Zm-1.543-4.861 1.543.86-.706.391 5.672 3.166a.5.5 0 0 0 .485 0l5.666-3.132-.712-.397 1.547-.855.71.397h.001l.055.031.702.392a.5.5 0 0 1-.002.874l-.704.389-.054.03-6.483 3.585a2 2 0 0 1-1.942-.004l-6.487-3.621-.055-.03-.702-.393a.5.5 0 0 1 .002-.874l.703-.389.055-.03.706-.39Z" fill="currentColor" /> </symbol> <symbol id="icon-magnifying-glass" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M9.5 4.5c1.726 0 2.943.538 3.726 1.319.785.783 1.274 1.952 1.274 3.484 0 1.495-.486 2.669-1.278 3.464-.787.792-2.006 1.34-3.722 1.34-1.716 0-2.935-.548-3.722-1.34-.792-.795-1.278-1.969-1.278-3.464 0-1.543.48-2.71 1.253-3.488C6.523 5.04 7.736 4.5 9.5 4.5Zm0-1.5C13.595 3 16 5.584 16 9.303c0 3.656-2.405 6.303-6.5 6.303-4.095 0-6.5-2.647-6.5-6.303C3 5.584 5.34 3 9.5 3Zm6.405 11.845a.75.75 0 1 0-1.06 1.06l5.5 5.5 1.06-1.06-5.5-5.5Z" fill="currentColor" /> </symbol> <symbol id="icon-play" viewBox="0 0 24 24"> <path d="m7 20 10.002-6.155c1.374-.846 1.374-2.844 0-3.69L7 4v16Z" fill="currentColor" /> </symbol> <symbol id="icon-podcast" viewBox="0 0 24 24"> <path fill-rule="evenodd" clip-rule="evenodd" d="M9.75 2.25v19.5h-1.5V2.25h1.5Zm3 17.5V4.25h-1.5v15.5h1.5Zm-6-12.5v9.5h-1.5v-9.5h1.5Zm12 3v3.5h-1.5v-3.5h1.5Zm-3 5.5v-7.5h-1.5v7.5h1.5Zm-13-4.25c.473 0 .75.307.75.75 0 .435-.277.75-.75.75S2 12.685 2 12.25c0-.443.27-.75.75-.75Zm19.25.75c0-.443-.277-.75-.75-.75-.48 0-.75.307-.75.75 0 .435.277.75.75.75s.75-.315.75-.75Z" fill="currentColor" /> </symbol> <symbol id="icon-quote" viewBox="0 0 24 24"> <path d="M0 15.224v.147C0 18.375 2.32 20.5 5.366 20.5c3.045 0 5.22-2.125 5.22-5.13v-.146c0-2.345-1.305-4.103-3.408-4.836L9.208 3.5H3.77l-2.755 7.62C.29 12.88 0 14.126 0 15.225Zm13.414 0v.147c0 3.004 2.32 5.129 5.365 5.129 3.046 0 5.221-2.125 5.221-5.13v-.146c0-2.345-1.305-4.103-3.408-4.836l2.03-6.888h-5.438l-2.755 7.62c-.725 1.76-1.015 3.005-1.015 4.104Z" fill="currentColor" /> </symbol> <symbol id="icon-rss" viewBox="0 0 24 24"> <path d="M5.5 17c.945 0 1.5.615 1.5 1.5 0 .87-.555 1.5-1.5 1.5S4 19.37 4 18.5c0-.885.54-1.5 1.5-1.5Z" fill="currentColor" /> <path d="M18.405 20v.05H19.159V20A15.159 15.159 0 0 0 4 4.84h-.05V5.596H4a14.405 14.405 0 0 1 14.405 14.404Z" fill="currentColor" stroke="currentColor" stroke-width=".5" /> <path d="M12.06 19.997v.1h.568v-.1A8.628 8.628 0 0 0 4 11.37h-.1v.569H4a8.06 8.06 0 0 1 8.06 8.06Z" fill="currentColor" stroke="currentColor" stroke-width=".5" /> </symbol> <symbol id="icon-soundcloud" viewBox="0 0 24 24"> <path d="M7 17h1.25V9.128a3.214 3.214 0 0 0-1.25.69V17Zm-2.5-5.325v5.316l.08.009h1.17v-5.334H4.58l-.08.009ZM2 14.332c0 .968.504 1.808 1.25 2.276V12.06A2.675 2.675 0 0 0 2 14.332ZM9.5 17h1.25V9.475A3.12 3.12 0 0 0 9.5 9.03V17Zm9.92-5.333h-.704c.036-.218.058-.439.058-.667 0-2.21-1.733-4-3.87-4-1.16 0-2.195.534-2.904 1.37V17h7.42c1.424 0 2.58-1.194 2.58-2.668 0-1.472-1.156-2.665-2.58-2.665Z" fill="currentColor" /> </symbol> <symbol id="icon-facebook" viewBox="0 0 12 12"> <path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M10.125 5.625a4.501 4.501 0 0 1-9 0 4.501 4.501 0 0 1 9 0Zm0 0"/><path fill="currentColor" d="M10.098 6.102c.004-.008.004-.016.004-.02 0 .004 0 .012-.004.02ZM1.148 6.078c0 .012.004.02.004.027 0-.007-.004-.015-.004-.027ZM6.234 6.816h1.164l.184-1.183H6.234v-.645c0-.492.16-.926.621-.926h.739V3.027c-.13-.015-.407-.054-.926-.054-1.082 0-1.715.57-1.715 1.875v.785H3.84v1.183h1.113v3.254c.219.032.442.055.672.055.207 0 .41-.02.61-.047Zm0 0"/> </symbol> <symbol id="icon-messenger" viewBox="0 0 12 12"> <path fill="currentColor" d="M2.25 6.75 4.5 4.5l2.25.75L9 4.5 6.75 6.75 4.5 6Zm0 0"/><path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M5.625 1.125c-2.484 0-4.5 1.922-4.5 4.297 0 1.332.5 2.414 1.5 3.203v1.5l1.406-.938c.657.094 1.059.188 1.594.188 2.484 0 4.5-1.582 4.5-3.953 0-2.375-2.016-4.297-4.5-4.297Zm0 0"/> </symbol> <symbol id="icon-linkedin" viewBox="0 0 22.5 22.5"> <path style=" stroke:none;fill-rule:nonzero;fill:currentColor;fill-opacity:1;" d="M 6.601562 18.332031 L 2.933594 18.332031 L 2.933594 7.332031 L 6.601562 7.332031 Z M 4.765625 5.867188 C 3.753906 5.867188 2.933594 5.042969 2.933594 4.03125 C 2.933594 3.019531 3.753906 2.199219 4.765625 2.199219 C 5.777344 2.199219 6.601562 3.023438 6.601562 4.03125 C 6.601562 5.042969 5.777344 5.867188 4.765625 5.867188 Z M 19.800781 18.332031 L 16.273438 18.332031 L 16.273438 12.980469 C 16.273438 11.703125 16.25 10.0625 14.441406 10.0625 C 12.605469 10.0625 12.324219 11.453125 12.324219 12.886719 L 12.324219 18.332031 L 8.800781 18.332031 L 8.800781 7.324219 L 12.183594 7.324219 L 12.183594 8.828125 L 12.230469 8.828125 C 12.703125 7.964844 13.851562 7.050781 15.570312 7.050781 C 19.140625 7.050781 19.800781 9.332031 19.800781 12.296875 C 19.800781 12.296875 19.800781 18.332031 19.800781 18.332031 Z M 19.800781 18.332031 "/> </symbol> <symbol id="icon-email" viewBox="0 0 12 12"> <g fill="none" stroke="currentColor" stroke-miterlimit="10"> <path stroke-width=".75" d="M10.125 9.375h-8.25a.75.75 0 0 1-.75-.75v-6a.75.75 0 0 1 .75-.75h8.25a.75.75 0 0 1 .75.75v6a.75.75 0 0 1-.75.75Zm0 0"/><path stroke-width=".75" d="M1.39 2.434 6 5.625l4.61-3.191"/> </g> </symbol> <symbol id="icon-x" viewBox="0 0 12 12"> <g fill="currentColor"><path d="M10.277 10.5H8.082a.752.752 0 0 1-.613-.316l-5.93-8.329a.225.225 0 0 1 .184-.355h2.195c.242 0 .473.117.613.316l5.93 8.329a.225.225 0 0 1-.184.355Zm-2.195-.75h1.176l-5.34-7.5H2.742Zm0 0"/><path d="m6.707 5.52 3.387-4.02h-.977L6.254 4.883ZM5.117 6.234 1.507 10.5h1L5.57 6.867Zm0 0"/></g> </symbol> <symbol id="icon-print" viewBox="0 0 12 12"> <path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M3.375 8.625h-1.5a.75.75 0 0 1-.75-.75v-3a.75.75 0 0 1 .75-.75h8.25a.75.75 0 0 1 .75.75v3a.75.75 0 0 1-.75.75h-1.5M3.375 1.875h5.25v2.25h-5.25Zm0 0"/><path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M3.375 7.125h5.25v3h-5.25Zm0 0"/><path fill="currentColor" d="M3 5.625a.375.375 0 1 1-.75 0 .375.375 0 0 1 .75 0Zm0 0"/> </symbol> <symbol id="icon-whatsapp" viewBox="0 0 12 12"> <path fill="currentColor" d="M7.984 6.738c-.129-.07-.765-.406-.882-.453-.118-.047-.207-.07-.293.07a8.182 8.182 0 0 1-.407.543c-.074.094-.152.106-.28.036-.13-.07-.548-.215-1.04-.692a4.189 4.189 0 0 1-.719-.96c-.074-.141-.008-.216.059-.286.058-.062.129-.164.191-.242.067-.082.086-.14.13-.234.046-.094.023-.172-.009-.243-.035-.07-.293-.757-.398-1.035-.106-.27-.215-.234-.293-.238C3.969 3 3.883 3 3.797 3a.456.456 0 0 0-.344.176C3.332 3.312 3 3.648 3 4.336c0 .684.46 1.344.527 1.437.063.094.91 1.5 2.207 2.102.309.145.547.23.735.293.308.105.593.09.816.055.246-.04.762-.336.871-.66.106-.325.106-.606.074-.665-.03-.058-.117-.09-.246-.16Zm0 0"/><path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M5.625 1.125a4.501 4.501 0 0 0-4.5 4.5c0 .973.313 1.867.836 2.605l-.649 1.801 1.989-.558c.68.41 1.472.652 2.324.652a4.501 4.501 0 0 0 0-9Zm0 0"/> </symbol> <symbol id="icon-telegram" viewBox="0 0 18 18"> <path style=" stroke:none;fill-rule:nonzero;fill:currentColor;fill-opacity:1;" d="M 15.226562 2.238281 C 15.011719 2.246094 14.8125 2.308594 14.636719 2.378906 C 14.476562 2.441406 13.894531 2.6875 12.972656 3.074219 C 12.050781 3.460938 10.828125 3.972656 9.523438 4.523438 C 6.914062 5.617188 3.984375 6.851562 2.484375 7.484375 C 2.433594 7.503906 2.222656 7.570312 1.992188 7.746094 C 1.761719 7.921875 1.503906 8.308594 1.503906 8.726562 C 1.503906 9.066406 1.671875 9.410156 1.875 9.609375 C 2.082031 9.808594 2.289062 9.898438 2.460938 9.96875 L 2.460938 9.964844 C 3.046875 10.199219 4.792969 10.898438 5.210938 11.066406 C 5.355469 11.507812 5.988281 13.402344 6.140625 13.875 C 6.246094 14.214844 6.347656 14.433594 6.492188 14.617188 C 6.566406 14.707031 6.652344 14.789062 6.757812 14.855469 C 6.796875 14.882812 6.84375 14.902344 6.886719 14.917969 C 6.894531 14.921875 6.902344 14.921875 6.90625 14.925781 L 6.890625 14.921875 C 6.902344 14.925781 6.914062 14.933594 6.925781 14.9375 C 6.949219 14.945312 6.964844 14.945312 6.992188 14.953125 C 7.097656 14.984375 7.199219 15.003906 7.292969 15.003906 C 7.699219 15.003906 7.949219 14.78125 7.949219 14.785156 L 7.96875 14.769531 L 9.726562 13.28125 L 11.882812 15.277344 C 11.921875 15.332031 12.230469 15.75 12.945312 15.75 C 13.371094 15.75 13.710938 15.539062 13.925781 15.316406 C 14.140625 15.097656 14.273438 14.871094 14.335938 14.5625 C 14.382812 14.3125 16.449219 3.949219 16.449219 3.949219 L 16.445312 3.96875 C 16.507812 3.679688 16.527344 3.402344 16.453125 3.121094 C 16.375 2.835938 16.171875 2.5625 15.925781 2.417969 C 15.675781 2.273438 15.445312 2.230469 15.226562 2.238281 Z M 14.929688 3.878906 C 14.847656 4.289062 13 13.578125 12.886719 14.160156 L 9.773438 11.28125 L 7.667969 13.058594 L 8.25 10.78125 C 8.25 10.78125 12.273438 6.710938 12.515625 6.472656 C 12.710938 6.285156 12.75 6.21875 12.75 6.152344 C 12.75 6.0625 12.703125 6 12.601562 6 C 12.507812 6 12.378906 6.089844 12.3125 6.132812 C 11.453125 6.667969 7.800781 8.75 6.003906 9.769531 C 5.894531 9.726562 4.273438 9.074219 3.398438 8.726562 C 4.953125 8.070312 7.621094 6.949219 10.105469 5.90625 C 11.40625 5.355469 12.628906 4.84375 13.550781 4.457031 C 14.332031 4.128906 14.738281 3.960938 14.929688 3.878906 Z M 12.863281 14.269531 C 12.863281 14.269531 12.867188 14.269531 12.867188 14.269531 C 12.867188 14.269531 12.863281 14.273438 12.863281 14.273438 C 12.863281 14.269531 12.863281 14.273438 12.863281 14.269531 Z M 12.863281 14.269531 "/> </symbol> <symbol id="icon-reddit" viewBox="0 0 12 12"> <path fill="none" stroke="currentcoLOR" stroke-miterlimit="10" stroke-width=".75" d="M5.625 3.383c-2.5 0-4.5 1.52-4.5 3.375s2 3.375 4.5 3.375 4.5-1.52 4.5-3.375c0-1.856-2-3.375-4.5-3.375Zm0 0"/><path fill="currentcoLOR" d="M4.5 6A.75.75 0 1 1 3 6a.75.75 0 0 1 1.5 0ZM8.25 6a.75.75 0 1 1-1.5 0 .75.75 0 0 1 1.5 0ZM5.625 8.25c-.727 0-1.488-.375-1.875-.75.215.7 1.02 1.5 1.875 1.5s1.66-.75 1.875-1.5c-.387.43-1.148.75-1.875.75Zm0 0"/><path fill="none" stroke="currentcoLOR" stroke-miterlimit="10" stroke-width=".75" d="M1.105 6.492c-.855-.46-.89-1.496-.46-2.035.43-.48 1.386-.43 1.792.137M8.813 4.594c.414-.57 1.363-.617 1.792-.133.43.535.395 1.57-.46 2.031"/><path fill="currentcoLOR" d="M9.75.75a.75.75 0 1 0 0 1.5.75.75 0 0 0 0-1.5Zm0 0"/><path fill="none" stroke="currentcoLOR" stroke-miterlimit="10" stroke-width=".75" d="M5.625 3.281V2.25c0-.691.48-1.125 1.125-1.125s1.191.75 2.531.75h.469"/> </symbol> <symbol id="icon-gnews" viewBox="0 0 18 18"> <path style=" stroke:none;fill-rule:nonzero;fill:currentColor;fill-opacity:1;" d="M 1.5 1.5 L 1.5 15 C 1.5 15.828125 2.175781 16.5 3 16.5 L 12 16.5 L 16.5 12 L 16.5 1.5 L 15 3 L 13.5 1.5 L 12 3 L 10.5 1.5 L 9 3 L 7.5 1.5 L 6 3 L 4.5 1.5 L 3 3 Z M 4.5 3.375 C 4.5 3.375 5.25 4.5 6 4.5 C 6.726562 4.5 7.5 3.375 7.5 3.375 C 7.5 3.375 8.226562 4.5 9 4.5 C 9.726562 4.5 10.5 3.375 10.5 3.375 C 10.5 3.375 11.273438 4.5 12 4.5 C 12.703125 4.5 13.5 3.375 13.5 3.375 C 13.5 3.375 14.273438 4.5 15 4.5 L 15 12 L 9.75 12 L 9.75 12.75 L 12 12.75 L 12 13.5 L 9.75 13.5 L 9.75 14.25 L 12 14.25 L 12 15 L 3 15 L 3 4.5 C 3.703125 4.5 4.5 3.375 4.5 3.375 Z M 3.75 5.25 L 3.75 6.75 L 14.25 6.75 L 14.25 5.25 Z M 3.75 7.5 L 3.75 12.75 L 9 12.75 L 9 7.5 Z M 9.75 7.5 L 9.75 8.25 L 14.25 8.25 L 14.25 7.5 Z M 5.25 8.25 L 5.25 9 L 6 8.25 L 7.5 8.25 L 8.25 9 L 6.75 9 L 6.75 10.5 L 7.5 9.75 L 8.25 9.75 L 8.25 11.25 L 7.5 12 L 5.25 12 L 4.5 11.25 L 4.5 9 Z M 6.75 10.5 L 6 11.25 L 7.5 11.25 L 7.5 10.5 Z M 6 11.25 L 6 9 L 5.25 9 L 5.25 11.25 Z M 9.75 9 L 9.75 9.75 L 14.25 9.75 L 14.25 9 Z M 9.75 10.5 L 9.75 11.25 L 14.25 11.25 L 14.25 10.5 Z M 3.75 13.5 L 3.75 14.25 L 9 14.25 L 9 13.5 Z M 3.75 13.5 "/> </symbol> <symbol id="icon-instagram" viewBox="0 0 12 12"> <path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M3.578 10.125h4.094a2.452 2.452 0 0 0 2.453-2.453V3.578a2.452 2.452 0 0 0-2.453-2.453H3.578a2.452 2.452 0 0 0-2.453 2.453v4.094a2.452 2.452 0 0 0 2.453 2.453Zm0 0"/><path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M7.875 5.625a2.25 2.25 0 1 1-4.501-.001 2.25 2.25 0 0 1 4.501.001Zm0 0"/><path fill="currentColor" d="M9 2.625a.375.375 0 1 1-.75 0 .375.375 0 0 1 .75 0Zm0 0"/> <path style=" stroke:none;fill-rule:nonzero;fill:currentColor;fill-opacity:1;" d="M 6 2.25 C 3.929688 2.25 2.25 3.929688 2.25 6 L 2.25 12 C 2.25 14.070312 3.929688 15.75 6 15.75 L 12 15.75 C 14.070312 15.75 15.75 14.070312 15.75 12 L 15.75 6 C 15.75 3.929688 14.070312 2.25 12 2.25 Z M 13.5 3.75 C 13.914062 3.75 14.25 4.085938 14.25 4.5 C 14.25 4.914062 13.914062 5.25 13.5 5.25 C 13.085938 5.25 12.75 4.914062 12.75 4.5 C 12.75 4.085938 13.085938 3.75 13.5 3.75 Z M 9 5.25 C 11.070312 5.25 12.75 6.929688 12.75 9 C 12.75 11.070312 11.070312 12.75 9 12.75 C 6.929688 12.75 5.25 11.070312 5.25 9 C 5.25 6.929688 6.929688 5.25 9 5.25 Z M 9 6.75 C 7.757812 6.75 6.75 7.757812 6.75 9 C 6.75 10.242188 7.757812 11.25 9 11.25 C 10.242188 11.25 11.25 10.242188 11.25 9 C 11.25 7.757812 10.242188 6.75 9 6.75 Z M 9 6.75 "/> </symbol> <symbol id="icon-xing" viewBox="0 0 12 12"> <g fill="none" stroke="currentColor" stroke-linejoin="round" stroke-miterlimit="10"><path stroke-width=".75" d="M4.223 7.125H2.828a.204.204 0 0 1-.176-.086.192.192 0 0 1 0-.2l1.606-2.425v-.008l-.824-1.504c-.04-.07-.043-.14-.008-.195.035-.055.101-.082.183-.082h1.36c.207 0 .308.129.379.242 0 0 .832 1.531.84 1.54-.055.093-1.594 2.468-1.594 2.468-.07.121-.168.25-.371.25ZM10.098 1.406 6.844 6.488c-.004.004-.004.008 0 .008l2.16 3.344c.039.074.039.144.004.203-.035.055-.102.082-.184.082H7.47c-.207 0-.313-.133-.38-.246 0 0-2.167-3.375-2.175-3.383.098-.164 3.27-5.125 3.27-5.125.07-.125.16-.246.363-.246h1.371c.082 0 .145.027.18.082.035.055.035.129 0 .2Zm0 0"/></g> </symbol> <symbol id="icon-spotify" viewBox="0 0 12 12"> <path fill="currentColor" d="M7.418 8.008c-.07 0-.137-.035-.207-.07-.66-.38-1.457-.586-2.32-.586-.485 0-.97.066-1.418.171-.07 0-.176.036-.207.036a.273.273 0 0 1-.278-.278c0-.172.102-.277.242-.312a6.972 6.972 0 0 1 1.696-.207c.969 0 1.867.242 2.629.691.105.07.175.137.175.313a.338.338 0 0 1-.312.242Zm.484-1.176c-.105 0-.172-.035-.242-.07-.726-.45-1.73-.727-2.875-.727a5.7 5.7 0 0 0-1.453.172c-.102.035-.137.035-.207.035a.344.344 0 0 1-.344-.344c0-.21.102-.312.274-.382a6.463 6.463 0 0 1 1.765-.243c1.18 0 2.32.278 3.22.832.14.067.21.207.21.344-.004.207-.14.383-.348.383Zm.555-1.387c-.105 0-.14-.035-.242-.07-.832-.484-2.078-.762-3.29-.762-.624 0-1.245.07-1.8.211-.07 0-.137.031-.242.031-.242.036-.414-.171-.414-.414 0-.242.136-.378.312-.414.656-.207 1.348-.277 2.145-.277 1.316 0 2.699.277 3.738.867a.439.439 0 0 1 .242.414c-.035.242-.207.414-.449.414Zm0 0"/><path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M5.625 1.125a4.491 4.491 0 0 0-4.5 4.5c0 2.492 2.008 4.5 4.5 4.5s4.5-2.008 4.5-4.5-2.008-4.5-4.5-4.5Zm0 0"/> </symbol> <symbol id="icon-youtube" viewBox="0 0 12 12"> <path fill="currentColor" d="M4.5 7.5V3.75l3.75 1.875Zm0 0"/><path fill="none" stroke="currentColor" stroke-miterlimit="10" stroke-width=".75" d="M10.668 8.098a1.223 1.223 0 0 1-1.02 1c-.812.12-2.156.277-3.648.277-1.496 0-2.836-.156-3.648-.277a1.223 1.223 0 0 1-1.02-1 14.184 14.184 0 0 1-.207-2.473c0-1.059.105-1.902.207-2.473a1.224 1.224 0 0 1 1.016-1A25.369 25.369 0 0 1 6 1.875c1.504 0 2.84.156 3.648.277.516.075.926.477 1.02 1 .102.57.207 1.414.207 2.473s-.105 1.898-.207 2.473Zm0 0"/> </symbol> </defs> </svg>  <footer class="footer"> <div class="container footer__container"> <div class="grid footer__content"> <div class="col-12 col-9@lg grid grid--cols-9@lg footer__main"> <div class="col-12 col-6@md col-3@lg footer__menu"> <details class="accordion" data-accordion-enabled="mobile" data-accordion-expanded="desktop"> <summary data-accordion-summary class="accordion__summary"> <div class="accordion__title"> <div class="footer__menu-title">About</div> </div> <div class="accordion__icon"> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" > <use xlink:href="#icon-circle-chevron-down"></use> </svg> </div> </summary> <div class="accordion__content" data-accordion-content> <nav data-content aria-label="About navigation menu"> <ul class="footer__menu-items"> <li class="footer__menu-item"> <a href="https://www.csoonline.com/about-us/" class="footer__menu-link">About Us</a> </li> <li class="footer__menu-item"> <a href="https://foundryco.com/our-brands/cso/" class="footer__menu-link">Advertise</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/contact-us/" class="footer__menu-link">Contact Us</a> </li> <li class="footer__menu-item"> <a href="https://foundryco.com/work-here/" class="footer__menu-link">Foundry Careers</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/contact-us/#republication-permissions" class="footer__menu-link">Reprints</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/asean/newsletters/signup/" class="footer__menu-link">Newsletters</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/asean/brandposts/" class="footer__menu-link">BrandPosts</a> </li> </ul> </nav> </div> </details> </div> <div class="col-12 col-6@md col-3@lg footer__menu"> <details class="accordion" data-accordion-enabled="mobile" data-accordion-expanded="desktop"> <summary data-accordion-summary class="accordion__summary"> <div class="accordion__title"> <div class="footer__menu-title">Policies</div> </div> <div class="accordion__icon"> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" > <use xlink:href="#icon-circle-chevron-down"></use> </svg> </div> </summary> <div class="accordion__content" data-accordion-content> <nav data-content aria-label="Policies navigation menu"> <ul class="footer__menu-items"> <li class="footer__menu-item"> <a href="https://foundryco.com/terms-of-service-agreement/" class="footer__menu-link">Terms of Service</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/privacy-policy/" class="footer__menu-link">Privacy Policy</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/cookie-policy/" class="footer__menu-link">Cookie Policy</a> </li> <li class="footer__menu-item"> <a href="https://foundryco.com/copyright-notice/" class="footer__menu-link">Copyright Notice</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/member-preferences/" class="footer__menu-link">Member Preferences</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/about-adchoices/" class="footer__menu-link">About AdChoices</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/affiliates/" class="footer__menu-link">E-commerce Links</a> </li> <li class="footer__menu-item"> <a href="https://www.csoonline.com/your-california-privacy-rights/" class="footer__menu-link">Your California Privacy Rights</a> </li> <li class="footer__menu-item"> <a class="ccpa-btn eea-consent-ui footer__menu-link">Privacy Settings</a> </li> </ul> </nav> </div> </details> </div> <div class="col-12 col-6@md col-3@lg footer__menu"> <details class="accordion" data-accordion-enabled="mobile" data-accordion-expanded="desktop"> <summary data-accordion-summary class="accordion__summary"> <div class="accordion__title"> <div class="footer__menu-title">Our Network</div> </div> <div class="accordion__icon"> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" > <use xlink:href="#icon-circle-chevron-down"></use> </svg> </div> </summary> <div class="accordion__content" data-accordion-content> <nav data-content aria-label="Our Network navigation menu"> <ul class="footer__menu-items"> <li class="footer__menu-item"> <a href="https://www.cio.com" target="_blank" class="footer__menu-link">CIO</a> </li> <li class="footer__menu-item"> <a href="https://www.computerworld.com" target="_blank" class="footer__menu-link">Computerworld</a> </li> <li class="footer__menu-item"> <a href="https://www.infoworld.com" target="_blank" class="footer__menu-link">Infoworld</a> </li> <li class="footer__menu-item"> <a href="https://www.networkworld.com" target="_blank" class="footer__menu-link">Network World</a> </li> </ul> </nav> </div> </details> </div> <div class="col-12 col-9@lg footer__logo-container"> <a href="https://foundryco.com/" target="_blank" rel="noreferrer" aria-label="Go to Foundry website"> <svg width="156" height="57" viewBox="0 0 156 57" fill="none" xmlns="http://www.w3.org/2000/svg"> <path d="M1.367 47.258v7.355h.912v-3.31h2.646v-.735H2.28v-2.62h3.376v-.69H1.367ZM6.113 51.99V51.9c0-1.61 1.14-2.758 2.646-2.758 1.505 0 2.646 1.149 2.646 2.758v.092c0 1.654-1.14 2.758-2.646 2.758-1.551-.046-2.646-1.196-2.646-2.758Zm4.38 0V51.9c0-1.241-.685-2.069-1.734-2.069-1.095 0-1.733.828-1.733 2.069v.092c0 1.24.684 2.022 1.733 2.022s1.733-.827 1.733-2.022ZM12.727 49.233h.866v.965c.32-.598.821-1.011 1.78-1.057v.827c-1.096.046-1.78.414-1.78 1.747v2.988h-.866v-5.47ZM16.557 49.233h.867v.827c.228-.506.821-.92 1.596-.92.685 0 1.278.276 1.551 1.012.365-.69 1.186-1.011 1.825-1.011.958 0 1.825.597 1.825 2.16v3.356h-.867v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-5.424h.045ZM25.5 51.99V51.9c0-1.655 1.05-2.758 2.509-2.758 1.231 0 2.417.735 2.417 2.666v.276h-4.06c.046 1.24.64 1.93 1.734 1.93.821 0 1.323-.322 1.414-.92h.867c-.183 1.104-1.095 1.656-2.281 1.656-1.505-.046-2.6-1.104-2.6-2.758Zm4.06-.597c-.092-1.103-.639-1.563-1.551-1.563-.867 0-1.46.598-1.597 1.563h3.148ZM31.746 49.233h.867v.965c.32-.598.82-1.011 1.779-1.057v.827c-1.095.046-1.78.414-1.78 1.747v2.988h-.866v-5.47ZM36.492 46.61h-.867v7.998h.867v-7.999ZM39.731 54.061l-2.098-4.827h.912l1.642 3.862 1.46-3.862h.867l-2.965 7.263h-.822l1.004-2.436ZM47.483 47.258h-.913v7.4h.913v-7.4ZM49.355 47.258h1.962c2.509 0 3.695 1.563 3.695 3.631v.092c0 2.069-1.186 3.678-3.74 3.678h-1.916v-7.401Zm1.916 6.62c1.87 0 2.828-1.15 2.828-2.943v-.092c0-1.7-.82-2.896-2.828-2.896h-1.003v5.93h1.003ZM56.152 50.978v-.092c0-2.16 1.46-3.769 3.558-3.769 1.46 0 2.783.69 2.965 2.345h-.912c-.228-1.196-1.004-1.655-2.053-1.655-1.688 0-2.645 1.24-2.645 3.034v.091c0 1.84.912 3.034 2.645 3.034 1.597 0 2.28-1.057 2.327-2.344h-2.144v-.736h3.01v.552c0 2.16-1.323 3.264-3.193 3.264-2.235 0-3.558-1.563-3.558-3.724ZM66.734 50.978v-.092c0-2.206 1.46-3.769 3.467-3.769 1.55 0 2.828.828 2.965 2.437h-.867c-.182-1.15-.82-1.701-2.098-1.701-1.505 0-2.554 1.195-2.554 3.033v.092c0 1.885.957 3.034 2.508 3.034 1.186 0 2.053-.597 2.236-1.792h.82c-.273 1.7-1.413 2.528-3.056 2.528-2.098-.046-3.42-1.517-3.42-3.77ZM74.031 51.99V51.9c0-1.61 1.14-2.758 2.646-2.758 1.505 0 2.645 1.149 2.645 2.758v.092c0 1.654-1.14 2.758-2.645 2.758-1.551-.046-2.646-1.196-2.646-2.758Zm4.425 0V51.9c0-1.241-.684-2.069-1.734-2.069-1.094 0-1.733.828-1.733 2.069v.092c0 1.24.684 2.022 1.733 2.022 1.05 0 1.734-.827 1.734-2.022ZM80.647 49.233h.867v.827c.228-.506.82-.92 1.596-.92.684 0 1.278.276 1.551 1.012.365-.69 1.186-1.011 1.825-1.011.958 0 1.824.597 1.824 2.16v3.356h-.866v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-3.402c0-.965-.41-1.333-1.14-1.333-.685 0-1.415.46-1.415 1.425v3.31h-.866v-5.424h.045ZM89.995 49.233h.867v.827c.228-.506.82-.92 1.596-.92.684 0 1.277.276 1.55 1.012.366-.69 1.187-1.011 1.825-1.011.958 0 1.825.597 1.825 2.16v3.356h-.867v-3.402c0-.965-.41-1.333-1.14-1.333-.684 0-1.414.46-1.414 1.425v3.31h-.867v-3.402c0-.965-.41-1.333-1.14-1.333-.684 0-1.414.46-1.414 1.425v3.31h-.867v-5.424h.046ZM99.258 52.636v-3.402h.866v3.402c0 .965.411 1.379 1.232 1.379.776 0 1.46-.506 1.46-1.47V49.28h.866v5.425h-.866v-.92c-.228.506-.821.966-1.688.966-1.049-.046-1.87-.598-1.87-2.115ZM105.413 49.233h.866v.873c.229-.506.822-.965 1.734-.965 1.095 0 1.87.597 1.87 2.16v3.31h-.867v-3.402c0-.965-.41-1.379-1.277-1.379-.775 0-1.505.506-1.505 1.471v3.264h-.867v-5.332h.046ZM111.434 46.567c0-.322.273-.551.547-.551.319 0 .547.275.547.551a.556.556 0 0 1-.547.552.529.529 0 0 1-.547-.552Zm.136 2.666h.867v5.425h-.867v-5.425ZM113.762 51.99V51.9c0-1.655 1.186-2.758 2.6-2.758 1.14 0 2.144.505 2.326 1.884h-.821c-.137-.873-.73-1.195-1.505-1.195-.958 0-1.734.782-1.734 2.069v.092c0 1.333.73 2.022 1.734 2.022.775 0 1.459-.46 1.551-1.333h.775c-.091 1.15-1.049 2.023-2.326 2.023-1.46 0-2.6-1.058-2.6-2.712ZM119.602 53.139c0-1.241 1.322-1.655 2.691-1.655h.775v-.414c0-.873-.319-1.24-1.14-1.24-.73 0-1.14.321-1.232.965h-.866c.091-1.242 1.094-1.701 2.143-1.701 1.05 0 1.962.413 1.962 1.93v3.586h-.867v-.69c-.41.506-.866.782-1.687.782-1.004 0-1.779-.46-1.779-1.563Zm3.466-.414v-.69h-.73c-1.094 0-1.87.277-1.87 1.058 0 .552.274.92 1.004.92.866.045 1.596-.46 1.596-1.288ZM125.76 53.279v-3.31h-.776v-.736h.776v-1.24h.866v1.24h1.232v.736h-1.232v3.264c0 .505.229.781.685.781.273 0 .456-.046.638-.092v.736a2.563 2.563 0 0 1-.73.091c-1.003-.046-1.459-.643-1.459-1.47ZM129.086 46.567c0-.322.274-.551.547-.551.274 0 .548.275.548.551a.557.557 0 0 1-.548.552.557.557 0 0 1-.547-.552Zm.137 2.666h.866v5.425h-.866v-5.425ZM131.414 51.99V51.9c0-1.61 1.14-2.758 2.646-2.758 1.505 0 2.645 1.149 2.645 2.758v.092c0 1.654-1.14 2.758-2.645 2.758-1.551-.046-2.646-1.196-2.646-2.758Zm4.425 0V51.9c0-1.241-.685-2.069-1.734-2.069-1.094 0-1.733.828-1.733 2.069v.092c0 1.24.684 2.022 1.733 2.022s1.734-.827 1.734-2.022ZM138.03 49.233h.867v.873c.228-.506.821-.965 1.733-.965 1.095 0 1.87.597 1.87 2.16v3.31h-.867v-3.402c0-.965-.41-1.379-1.277-1.379-.775 0-1.505.506-1.505 1.471v3.264h-.867v-5.332h.046ZM143.73 52.955h.822c.045.644.41 1.057 1.277 1.057.821 0 1.186-.276 1.186-.873 0-.552-.411-.736-1.232-.92-1.414-.275-1.87-.643-1.87-1.608 0-1.012.958-1.517 1.824-1.517.958 0 1.779.413 1.962 1.563h-.821c-.137-.598-.456-.828-1.141-.828-.593 0-1.003.322-1.003.782 0 .505.274.69 1.232.873 1.094.184 1.87.46 1.87 1.609 0 .965-.684 1.655-1.962 1.655-1.322-.046-2.098-.69-2.144-1.793ZM77.225.508c2.874 0 4.562 1.884 4.562 4.597 0 2.666-1.688 4.596-4.562 4.596-2.873 0-4.56-1.93-4.56-4.596 0-2.713 1.641-4.597 4.56-4.597ZM65.047 12.227h-6.25V26.43c0 1.103-.09 2.022-.364 2.758-.639 1.517-2.098 2.114-3.376 2.114-1.505 0-2.919-.551-3.558-2.114-.319-.736-.364-1.655-.364-2.758V12.227H44.84v14.571c0 1.885.182 3.54.775 4.873 1.551 3.585 4.835 5.47 9.442 5.47 4.425 0 7.71-1.885 9.26-5.47.593-1.38.776-2.988.776-4.873V12.227h-.046ZM86.756 17.149c-1.55-3.586-4.835-5.516-9.533-5.516-4.698 0-7.983 1.93-9.534 5.516-.592 1.379-.775 2.988-.775 4.872v14.664h6.25V22.527c0-1.103.09-2.022.364-2.758.639-1.517 2.098-2.252 3.695-2.252 1.596 0 3.01.69 3.695 2.252.319.736.364 1.655.364 2.758v14.204h6.25V22.067c0-1.884-.183-3.539-.776-4.918ZM137.802 12.227h-6.888l8.621 15.858v8.596h6.386v-8.596l8.712-15.858h-6.614l-5.154 9.56-5.063-9.56ZM18.746 12.227H1.367V36.68h6.25v-8.274H17.97v-5.654H7.616v-4.826h11.13v-5.7ZM125.893 36.681h6.66l-3.74-9.01c2.28-1.47 3.603-3.906 3.603-7.124 0-5.195-3.466-8.32-8.119-8.32h-11.586V36.68h6.249V28.96h3.923l3.01 7.722Zm-3.01-19.03c2.326 0 3.33 1.195 3.33 2.896 0 1.838-1.004 2.942-3.33 2.942h-3.923V17.65h3.923ZM99.03 36.681c7.982 0 12.087-4.734 12.087-12.227 0-7.4-4.607-12.227-12.498-12.227h-8.986V36.68h9.396Zm-3.148-18.938h2.6c4.06 0 6.249 2.344 6.249 6.711 0 4.459-2.189 6.711-6.25 6.711h-2.6V17.743ZM19.797 24.452c0 7.355 4.379 12.733 11.677 12.733 7.162 0 11.632-5.24 11.632-12.733 0-7.31-4.334-12.733-11.632-12.733-7.116 0-11.677 5.332-11.677 12.733Zm6.386-.184c0-4.137 2.098-6.803 5.474-6.803 3.101 0 5.2 2.712 5.2 7.17 0 4.046-2.099 6.804-5.383 6.804-3.239 0-5.291-2.758-5.291-7.171Z" fill="#FFFFFF"/> </svg> </a> </div> </div> <div class="col-12 col-3@lg footer__social"> <ul class="footer__social-items"> <li class="footer__social-item"> <a class="footer__social-link" href="https://www.linkedin.com/company/csoonline" target="_blank" rel="noreferrer" aria-label="LinkedIn"> <span class="footer__social-link-text">LinkedIn</span> <span class="footer__social-link-icon"> <i class="icon-linkedin"><svg><use xlink:href="#icon-linkedin"></use></svg></i> </span> </a> </li> <li class="footer__social-item"> <a class="footer__social-link" href="https://twitter.com/csoonline" target="_blank" rel="noreferrer" aria-label="X"> <span class="footer__social-link-text">X</span> <span class="footer__social-link-icon"> <i class="icon-x"><svg><use xlink:href="#icon-x"></use></svg></i> </span> </a> </li> <li class="footer__social-item"> <a class="footer__social-link" href="https://www.facebook.com/CSOonline" target="_blank" rel="noreferrer" aria-label="Facebook"> <span class="footer__social-link-text">Facebook</span> <span class="footer__social-link-icon"> <i class="icon-facebook"><svg><use xlink:href="#icon-facebook"></use></svg></i> </span> </a> </li> <li class="footer__social-item"> <a class="footer__social-link" href="https://www.youtube.com/@csoonline" target="_blank" rel="noreferrer" aria-label="YouTube"> <span class="footer__social-link-text">YouTube</span> <span class="footer__social-link-icon"> <i class="icon-youtube"><svg><use xlink:href="#icon-youtube"></use></svg></i> </span> </a> </li> <li class="footer__social-item"> <a class="footer__social-link" href="https://news.google.com/publications/CAAqKAgKIiJDQklTRXdnTWFnOEtEV056YjI5dWJHbHVaUzVqYjIwb0FBUAE" target="_blank" rel="noreferrer" aria-label="Google News"> <span class="footer__social-link-text">Google News</span> <span class="footer__social-link-icon"> <svg class="icon" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"> <use xlink:href="#icon-gnews"></use> </svg> </span> </a> </li> </ul> </div> </div> <div class="footer__copyright"> <div class="entry-copyright"> <a href="https://foundryco.com/terms-of-service-agreement/">Copyright 漏 2025 IDG Communications, Inc.</a> </div> </div> </div> </footer> </div>  <script type="text/javascript"> var subscribersSiteId = "eedeabb0-9a59-4b6b-9df3-e55745819adf"; var subscribersServiceWorkerPath = '/?firebase-messaging-sw'; </script> <script type="text/javascript" src="https://cdn.subscribers.com/assets/subscribers.js"></script>  <link rel='stylesheet' id='typekit-styles-css' href='https://use.typekit.net/uow1hrg.css?ver=1.0.0' media='all' /> <script id="child_ajaxload_posts-js-extra"> var ajaxload_params = {"ajaxurl":"https:\/\/www.csoonline.com\/wp-admin\/admin-ajax.php","nonce":"497ce717fd"}; </script> <script id="frontend-scripts-js-extra"> var siteData = {"site":"csoonline.com","connectedhub":"b2b"}; var googleSearch = {"search_engine_id":"011881588825642368632:b0mgdf4z90i","search_title":"Search","search_slug":"search"}; </script> <script id="ajaxload_posts-js-extra"> var ajaxload_params = {"ajaxurl":"https:\/\/www.csoonline.com\/wp-admin\/admin-ajax.php","nonce":"f3c86a0587"}; </script> <script id="ajaxload_events-js-extra"> var ajaxload_event_params = {"ajaxurl":"https:\/\/www.csoonline.com\/wp-admin\/admin-ajax.php","nonce":"57d9201a80"}; </script> <script id="idg-vary-cache-script-js-extra"> var ajaxload_params = {"ajaxurl":"https:\/\/www.csoonline.com\/wp-admin\/admin-ajax.php","nonce":"f3c86a0587","insider_archive":"https:\/\/www.csoonline.com\/asean\/insider\/","base_url":"https:\/\/register-qa.idgcommunications.net","require_redirect":""}; </script> <script type="text/javascript" src="https://www.csoonline.com/_static/??-eJylkN0KwjAMRl/IWFTY3IX4LOmPW2fXliab7u3tdjEUHMK8CnxwTr5EPCKo4Nl4FsrZPKDrIbq+tp6E1TVwY5OGiIlHoS2xIJVsZBK3NHMaZEKvYyAG6YK671vaiTctN6YzJBQFkEcJqrFOwxx++rDFpwuooUY2eWMW0opr6jW5JJL5ppK9185shJce/zRYJGbI1FbLgGkEhapZu+XnU+cow9fucihPVVmcq1PRvgCwx7l9" ></script><script defer src="https://stats.wp.com/e-202508.js" id="jetpack-stats-js"></script> <script id="jetpack-stats-js-after"> _stq = window._stq || []; _stq.push([ "view", {v:'ext',blog:'223390986',post:'568967',tz:'-5',srv:'www.csoonline.com',hp:'vip',j:'1:12.8.2'} ]); _stq.push([ "clickTrackerInit", "223390986", "568967" ]); </script> <script src="https://www.csoonline.com/wp-content/themes/idg-b2b-base-theme/lib/scripts/class.ConsentManager.js?ver=1.0.0" id="consent-manager-script-js"></script> <script id="consent-manager-script-js-after"> document.addEventListener('consentManagerReady', () => { const hasConsentFacebook = consentManager.checkConsentByVendors([ 'Facebook, Inc.', 'Facebook', 'FB', 'Meta', ]); if (hasConsentFacebook.some(vendor => vendor['Has Consent'] === false)) { console.log('[META SCRIPT] Consent not given for Meta.'); } else { console.log('[META SCRIPT] Consent given for Meta. Loading script...'); } }); document.addEventListener('consentManagerReady', () => { const hasConsentMiso = consentManager.checkConsentByVendors([ 'Miso', 'Miso Technologies, Inc' ]); if (hasConsentMiso.some(vendor => vendor['Has Consent'] === false)) { console.log('[MISO SCRIPT] Consent not given for Miso.'); } else { console.log('[MISO SCRIPT] Consent given for Miso. Loading script...'); } }); document.addEventListener('consentManagerReady', () => { const hasConsentYouTube = consentManager.checkConsentByVendors([ 'YouTube', 'YT' ]); if (hasConsentYouTube.some(vendor => vendor['Has Consent'] === false)) { console.log('[YOUTUBE SCRIPT] Consent not given for YouTube.'); } else { console.log('[YOUTUBE SCRIPT] Consent given for YouTube. Loading script...'); } }); document.addEventListener('consentManagerReady', () => { const hasConsentGAM = consentManager.checkConsentByVendors([ 'Google Ad Manager', 'GAM' ]); if (hasConsentGAM.some(vendor => vendor['Has Consent'] === false)) { console.log('[GAM SCRIPT] Consent not given for GAM.'); } else { console.log('[GAM SCRIPT] Consent given for GAM. Loading script...'); } }); document.addEventListener('consentManagerReady', () => { const hasConsentGoogleFonts = consentManager.checkConsentByVendors([ 'Google Fonts', 'Google Web Fonts' ]); if (hasConsentGoogleFonts.some(vendor => vendor['Has Consent'] === false)) { console.log('[GOOGLE FONTS SCRIPT] Consent not given for Google Fonts.'); } else { console.log('[GOOGLE FONTS SCRIPT] Consent given for Google Fonts. Loading script...'); } }); document.addEventListener('consentManagerReady', () => { const hasConsentAdobeTypekit = consentManager.checkConsentByVendors([ 'Adobe Typekit' ]); if (hasConsentAdobeTypekit.some(vendor => vendor['Has Consent'] === false)) { console.log('[ADOBE TYPEKIT SCRIPT] Consent not given for Adobe Typekit.'); } else { console.log('[ADOBE TYPEKIT SCRIPT] Consent given for Adobe Typekit. Loading script...'); } }); </script> <script id="idg-nl-frontend-script-js-extra"> var nl_data = {"action_url":"https:\/\/www.csoonline.com\/asean\/newsletters\/signup","current_edition":"ASEAN"}; </script> <script type="text/javascript" src="https://www.csoonline.com/_static/??/wp-content/client-mu-plugins/idg-newsletter/dist/scripts/nl-frontend-form-submission.js,/wp-content/themes/idg-b2b-base-theme/src/static/js/highlighter.js?m=1739768936j" ></script><script src="https://platform.twitter.com/widgets.js?ver=1739786919" id="twitter-script-js"></script> </body> </html>