Security News

Learn what a bot is, the spectrum of ways bots are used online, and how bots might be used in the next election cycle. Dan Patterson, CNET and CBS News Senior Producer, spoke with Patrick Sullivan, Akamai CTO, Security Strategy, about the programming and use cases of bots.

NortonLifeLock this week released the beta version of a free browser extension that allows Twitter users to easily identify bots on the social media platform. BotSight was created by the NortonLifeLock Research Group, formerly known as Symantec Research Labs - the NortonLifeLock brand was created after Symantec sold its enterprise security unit and Symantec brand to Broadcom for $10.7 billion.

Radware noted that cybercriminals use bots in many ways: Sophisticated bots built to circumvent security measures and take over user accounts by mimicking human behavior; denial-of-service bots that prevent online checkouts or take down specific pages; bots built for mobile environments; those that exploit vulnerabilities in applications and APIs; and custom, targeted bots that are built to attack specific companies or competitors. "Bot developers now use JavaScript and HTML5 web technologies to enable bots to leverage full-fledged browsers. The bots are programmed to mimic human behavior when interacting with a website or app to move the mouse, tap and swipe on mobile devices and generally try to simulate real visitors in order to evade security systems."

To use Cartdash users first selected what items they want from Instacart as normal. First, does this count as a hack? I feel like it is, since it's a way to subvert the Instacart ordering system.

Bad bot traffic has increased compared to previous years, comprising almost one quarter of all website traffic and most heavily impacting the financial services industry, according to Imperva. In 2019, bad bot traffic comprised 24.1% of all website traffic, rising 18.1% from the year prior.

Released Tuesday, Imperva's "2020 Bad Bot Report: The Bad Bots Strike Back" looks at how bad bots play a role in website activity and how website owners can protect themselves against these threats. In its research, Imperva found that traffic from bad bots accounted for one-quarter of all website traffic in 2019, a jump of 18% from the prior year.

Researchers have uncovered the biggest connected-TV ad fraud operation they've ever seen, fueled with fake ad views seen by bogus eyeballs that actually belonged to a bot network they named ICEBUCKET. Bot-mitigation security firm White Ops said on Thursday that at its peak - January 2020 - the ICEBUCKET bot operation impersonated more than 2 million people in over 30 countries. ICEBUCKET also cooked up 300 publishers out of thin air, then stole advertising dollars by tricking advertisers into thinking there were real people on the other side of the screen.

Shadowserver provides free daily live feeds of information about systems that are either infected with bot malware or are in danger of being infected to more than 4,600 ISPs and to 107 national computer emergency response teams in 136 countries. Last week, Shadowserver was instrumental in helping Microsoft kneecap the Necurs malware network, one of the world's largest spam and malware botnets.

Imperva, the cybersecurity leader championing the fight to secure data and applications wherever they reside, announced Advanced Bot Protection, a new solution that fully integrates its industry-leading bot management technology into the Imperva Cloud Application Security solution. Integrating the solution into Imperva Cloud Application Security delivers best-in-class bot capabilities in a single security stack, giving customers true defense-in-depth security through Imperva's market-leading DDoS, WAF and bot solutions.

White Ops, the global leader in bot mitigation, announced the release of Application Integrity, a new offering designed to protect enterprises from sophisticated bot-based threats including account takeover, automated account creation, and web scraping. Leveraging the industry leadership the company has fostered with its Advertising Integrity and Marketing Integrity products that today verify the humanity of more than 1 trillion interactions per week, Application Integrity enables security teams to best protect their applications from sophisticated bot attacks.