Security News

New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia
2023-08-24 12:33

Dubbed Telekopye, a portmanteau of Telegram and kopye, the toolkit functions as an automated means to create a phishing web page from a premade template and send the URL to potential victims, codenamed Mammoths by the criminals. The attack chains proceed thus: Neanderthals find their Mammoths and try to build rapport with them, before sending a bogus link created using the Telekopye phishing kit via email, SMS, or a direct message.

Bots Are Better than Humans at Solving CAPTCHAs
2023-08-18 11:04

Abstract: For nearly two decades, CAPTCHAS have been widely used as a means of protection against bots. Throughout the years, as their use grew, techniques to defeat or bypass CAPTCHAS have continued to improve.

Google Cloud shores up log permissions for builder bot
2023-07-24 04:08

Infosec in brief A security weakness in Google Cloud Build could have allowed attackers to tamper with organizations' code repositories and application images, according to Orca Security researchers. The issue, as Google describes it, is more about poorly defined permissions.

Ukraine busts bot farm spreading Russian infowar propaganda and fraud
2023-07-20 07:30

Ukrainian cops have disrupted a massive bot farm with more than 100 operators allegedly spreading fake news about the Russian invasion, leaking personal information belonging to Ukrainian citizens, and instigating fraud schemes. "The Cyber Police established that the attackers used special equipment and software to register thousands of bot accounts in various social networks and subsequently launch advertisements that violated the norms and legislation of Ukraine," according to machine translation of the news alert issued by the police.

Ukraine takes down massive bot farm, seizes 150,000 SIM cards
2023-07-19 11:03

The Cyber ??Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. Since the start of the war in Ukraine, Russian threat actors have been involved in disinformation campaigns targeting Ukraine and have invested in Ukraine-based bot farms.

Twitter's bot spam keeps getting worse — it's about porn this time
2023-07-02 15:05

Forget crypto spam accounts, Twitter's got another problem which involves bots and accounts promoting adult content and infiltrating Direct Messages and interactions on the platform. In a tweet, security research group, MalwareHunterTeam exposed multiple Twitter accounts that are spam bots injecting themselves within interactions in the form of likes.

Akamai’s new study: Bots, phishing and server attacks making commerce a cybersecurity hotspot
2023-06-16 15:36

Attacks on commerce are booming, according to a new study by security firm Akamai. Bots raining on retail drive flood in commerce attacks.

How smart bots are infecting and exploiting the internet
2023-05-25 04:00

According to Imperva, bad bot traffic grew to 30.2%, a 2.5% increase over 2021. In this Help Net Security video, Lynn Marks, Senior Product Manager at Imperva, discusses malicious bot activity.

Cops crack gang that used bots to book and resell immigration appointments
2023-05-16 07:18

Police have arrested 69 people alleged to have used bots to book up nearly all of Spain's available appointments with immigration officials, and then sold those meeting slots for between €30 and €200 to aspiring migrants. Those arrested include the four alleged leaders of the crime ring, plus lawyers, managers, advisors, recruiters, and intermediaries, who reportedly received "Large amounts of money" from the sale of the immigration appointments.

Bad bots are coming for APIs
2023-05-15 03:00

For the first time, mobile Safari was one of the leading self-reported user agents, while the volume of bots claiming to be mobile browsers increased 42.78%. In 2020 and 2021, bad bots became the pandemic of the internet as automation became more sophisticated. "Cybercriminals will increase their focus on attacking API endpoints and application business logic with sophisticated automation. As a result, the business disruption and financial impact associated with bad bots will become even more significant in the coming years," Triebes continued.