Security News

Vanson Bourne surveyed 750 application security decision makers responsible for their organization's application development and security to get their perspectives on data breaches, top application security vulnerabilities, and the most important product capabilities needed to defend against multi-vector application attacks. Overall, the findings indicate that more needs to be done to protect against application security threats, particularly newer threats like bot attacks, API attacks, and supply chain attacks.

HUMAN published a research into security leaders' perceptions of and responses to sophisticated bot attacks. Bot attacks Nearly half of respondents believe their organization would be susceptible to a sophisticated bot attack.

As scarcity and demand increase, gaining the online advantage through automation has taken hold as shopping bots invade online retailers to purchase desirable items, then resell them on the secondary market. As bots become more commonplace, human buyers are unleashing their dissatisfaction on the retailers through social media and taking their business elsewhere - but what happens when bots take over and there is nowhere else to turn?

A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero miner and self-spreader malware payloads. While, at first, it was using a multi-component architecture with the miner and worm modules, the botnet has been upgraded to use a single binary capable of mining and auto-spreading the malware to other devices.

In 2020, Imperva saw the highest percentage of bad bot traffic since 2014, while traffic from humans fell by 5.7%. More than 40% of all web traffic requests originated from a bot last year, suggesting the growing scale and widespread impact of bots in daily life. Advanced Persistent Bots remained the majority of bad bot traffic over the past year, amounting to 57.1%. These bots are responsible for high-speed abuse, misuse and attacks on websites, mobile apps and APIs.

These bots grab some of the limited stock of the PS5 and Xbox on eBay and Amazon and then resell them at huge markups, says PerimeterX. Scalper bots, or sneaker bots, have been chewing up supplies of the Sony PS5 and Xbox consoles amid a shortage of both units, leaving indvidual buyers in a lurch. In a report published Thursday, bot fighter PerimeterX described the damage that automated bots are causing to consumers and retailers alike.

Cybercriminals are increasingly using legitimate services such as Google Forms and Telegram to gather user data stolen on phishing websites. Alternative ways to collect data help cybercriminals keep it safe and start using the information immediately, says Group-IB. In addition, ready-to-go platforms that automate phishing and which are available on the darknet also have Telegram bots at their core, with admin panel that is used to manage the entire process of the phishing attack and keep financial records linked to them.

To select a suitable bot protection solution for your business, you need to think about a variety of factors. A successful bot mitigation solution has to be effective immediately, stopping new bots and never seen before attack methods.

To address the increasing sophistication of bot attacks, Kasada has upgraded its platform to provide real-time defense against advanced bots that are left undetected by traditional methods. In its V2 release, Kasada has made several improvements that provide customers with an immediate and long-term approach to bot mitigation, without the need for burdensome maintenance.

As they do this, Imperva Research Labs has monitored a staggering 372% increase in healthcare bot traffic globally since September 2020. In February 2021, bot traffic soared 48.8%, the largest increase over the past year, and reaching an unprecedented level over the 12-month average.