Security News

Fake accounts are used for other purposes too: Facebook for instance last fall announced the takedown of 14,000 fake accounts used to spread disinformation in the 2020 election. Fake-account creation and utilizing fake accounts is a problem for not only social-media platforms but almost any enterprise that has a system that collects accounts for any purpose.

The Business Logic Attack Definition Framework sets the stage for shared understanding and knowledge among vendors, cybersecurity professionals and customers who are proactively tackling an increasing number of malicious bot threats. Once the attack stages for a scalper bot attack were confirmed, Netacea analysed the tactics, techniques and processes of other types of bot attacks and captured all automated bot threats and their lifecycles in a series of comprehensive kill chains.

Targeting Windows and Linux systems, the Necro Python bot changes its code to evade traditional security detection, says Cisco Talos. Though a bot sounds like it might be limited in intelligence and flexibility, a sophisticated bot can do a lot of damage on behalf of the attacker.

DataDome, a company that provides a SaaS solution for protecting businesses against bad bots and fraud, this week announced that it raised $35 million in a Series B funding round. The investment round, which brings the company's total funding to nearly $40 million, was led by venture capital firm Elephant, with participation from ISAI. DataDome plans on investing the money in sales, marketing, and R&D. DataDome has developed an AI-powered platform that processes vast amounts of data in an effort to provide protection against various types of online threats, including payment fraud, DDoS attacks, account takeover attempts, and web scraping.

Vanson Bourne surveyed 750 application security decision makers responsible for their organization's application development and security to get their perspectives on data breaches, top application security vulnerabilities, and the most important product capabilities needed to defend against multi-vector application attacks. Overall, the findings indicate that more needs to be done to protect against application security threats, particularly newer threats like bot attacks, API attacks, and supply chain attacks.

HUMAN published a research into security leaders' perceptions of and responses to sophisticated bot attacks. Bot attacks Nearly half of respondents believe their organization would be susceptible to a sophisticated bot attack.

As scarcity and demand increase, gaining the online advantage through automation has taken hold as shopping bots invade online retailers to purchase desirable items, then resell them on the secondary market. As bots become more commonplace, human buyers are unleashing their dissatisfaction on the retailers through social media and taking their business elsewhere - but what happens when bots take over and there is nowhere else to turn?

A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero miner and self-spreader malware payloads. While, at first, it was using a multi-component architecture with the miner and worm modules, the botnet has been upgraded to use a single binary capable of mining and auto-spreading the malware to other devices.

In 2020, Imperva saw the highest percentage of bad bot traffic since 2014, while traffic from humans fell by 5.7%. More than 40% of all web traffic requests originated from a bot last year, suggesting the growing scale and widespread impact of bots in daily life. Advanced Persistent Bots remained the majority of bad bot traffic over the past year, amounting to 57.1%. These bots are responsible for high-speed abuse, misuse and attacks on websites, mobile apps and APIs.

These bots grab some of the limited stock of the PS5 and Xbox on eBay and Amazon and then resell them at huge markups, says PerimeterX. Scalper bots, or sneaker bots, have been chewing up supplies of the Sony PS5 and Xbox consoles amid a shortage of both units, leaving indvidual buyers in a lurch. In a report published Thursday, bot fighter PerimeterX described the damage that automated bots are causing to consumers and retailers alike.