Security News

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of June, DDoS attacks increased and impacted 10% of gambling sites.

Russia's military has praised civilian grade Chinese-made drones and robots for having performed well on the battlefield, leading their manufacturers to point out the equipment is not intended or sold for military purposes. "When assembling the M-81, Chinese technologies are used, the cost is 1 million rubles. The company plans to launch production in Russia," reported Russian tech media source iXBT. In late July, Unitree tweeted that it "Opposes any form of refit and behavior that is harmful or potentially harmful for human beings" and that it only manufactures and sells civilian products.

The Ukrainian cyber police has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks. The messages spread by the bots were in line with Russian propaganda, so the operators of the disinformation machine are believed to be members of the Russian special services.

Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications. Researchers at the company say they've uncovered 3,207 apps leaking Twitter API keys, which can be used to gain access to or even entirely take over Twitter accounts.

Google has added API security tools and Workspace admin alerts about potentially risky configuration changes such as super admin passwords resets. Google's answer to these problems includes two API security features available in preview: one that identifies API misconfigurations and another that detects bots.

Out-of-control scalper bots have created havoc in Israel by registering public service appointments for various government services and then offering to sell them to disgruntled citizens. The bot's operators attempted to sell appointments for a range of government agencies for over $100, including passport renewal, the Israeli Ministry of Interior, the Ministry of Transport, National Insurance, Israel Post, and the Israeli state Electricity Company.

During the first half of 2022, BioCatch data reveals that money mule accounts represent up to 0.3 percent of accounts held by financial institutions, and an estimated $3 billion in fraudulent financial transfers. Applying BioCatch findings to the estimated 657 million bank accounts in the United States, this translates to approximately two million mule accounts and nearly $3 billion in fraudulent transfers in a year.

Netacea released its report into how businesses are dealing with bot attacks. It reveals one key area where businesses are failing to tackle bot attacks - bots are going undiscovered for an average of 16 weeks, up two weeks from last year's findings.

Netacea released its report into how businesses are dealing with bot attacks. Bot owners are shifting their tactics, with 60% of businesses detecting attacks on APIs and 39% detecting attacks on mobile apps.

Single factor authentication has been the standard for many years on Internet-facing services, but it clearly lacks security. While 2FA drastically increases the security of Internet services, it can still be bypassed by some methods.