Security News

With an inherent emphasis in "Privacy-by-default", Hoplite Technology announced the new launch of a free anti-phishing solution named Anti-Phishing Bot to protect everyday users against phishing attacks. Due to the lack of ways to verify the identity of the senders, everyday users without technical trainings will often find it difficult to distinguish a phishing attack as the red flags are hidden in different parts of an email.

A new automated scam-as-a-service has been unearthed, which leverages Telegram bots in order to steal money and payment data from European victims. These groups have bought into full-fledged scam kits, equipping them with Telegram chatbots for automated communication with victims, as well as customized webpages that lead victims to phishing landing pages.

Fraud and bot-detection specialists White Ops has been acquired by the Goldman Sachs merchant banking division in partnership with investment firms ClearSky Security and NightDragon. Based in New York City, White Ops protects businesses and online e-commerce platforms from sophisticated bots that disrupt and hijack trillions of transactions globally.

A group of lawmakers in the United Kingdom are looking to take on powerful bot organizations openly scalping gaming consoles by proposing potential legislation that would both ban the resale of goods acquired using bots and ban the resale of tech products above the manufacturers' price. The United States has tried its hand at rules against bots with the FTC's 2016 "Better Online Ticket Sales Act," which was designed to regulate secondary market ticket sales as a response to bots being used to drive up ticket prices.

The Qbot banking trojan has dropped the ProLock ransomware in favor of the Egregor ransomware who burst into activity in September. Since their launch in September 2020, Egregor has been one of the most active big game hunting ransomware operations currently active.

Kount's offerings protect the end-to-end customer journey from fraud, and the new bot detection solution is the latest in the company's momentous year of new products, patents, partnerships, industry recognition, and more. Quadrant Knowledge Solutions named Kount #1 overall for eCommerce Fraud Detection, scoring Kount the highest for both Customer Impact and Technology Excellence.

It's a big week for gamers across the globe, with imminent, dueling releases of Xbox Series X and PlayStation PS5. However, an army of retail bots threaten to drive prices up as much as three times the retail price, putting the coveted holiday gifts well out of reach of everyday fans. "Since most retailers have built their environments for high-speed and high-volume transactions, the bots are being supported by the environment that is trying to keep them out. The effort to build a retail store that delights customers and enables transactions plays right into the bot creators' hands."

A proxy request may contain the X-Forwarded-For or Via HTTP headers revealing the source device's IP address, and inform the destination that the request is coming from a proxy. Last month, Security researcher and podcast creator David Coomber found out that Applebot had been using a proxy that leaked Apple's internal IP addresses.

Control servers included in the configuration file of new TrickBot samples fail to respond to bot requests, according to researchers at threat intelligence company Intel 471. Days after the announcement Intel 471's researchers revealed that TrickBot resumed operations, and that Emotet was observed serving TrickBot payloads to infected machines.

Auth0 launched Bot Detection, a new security feature that reduces the effectiveness of a credential stuffing attack by as much as 85%, with minimal impact on user experience. Bot Detection is a powerful addition to the company's expanding security portfolio, and works in tandem with Auth0 Breached Password Detection, Brute Force Protection, and Multi-factor Authentication, to provide extensive mitigation against a variety of sophisticated threats, including automated attacks, account takeovers, phishing attacks, and more.