Security News

Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines
2022-11-08 14:52

The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. The document contains a malicious VBA macro that, when enabled by the victim, runs a PowerShell command to download and run Amadey.

DDoS and bot attacks in 2022: Business sectors at risk and how to defend
2022-09-21 14:05

According to Gcore, in 2022, the number and volume of DDoS attacks will roughly double compared to 2021. Rew, which business sectors are being attacked more often than others in 2022?

GPT-3 'prompt injection' attack causes bad bot manners
2022-09-19 13:37

He likens prompt injection attacks to SQL injection, which can deliver sensitive information to an attacker if they input malicious code into a field that doesn't sanitize data. Days after Willison's blog post, Twitter users attacked a GPT-3 bot designed to help run remote jobs called Remoteli.io, tricking it into doing things like taking responsibility for the Challenge space shuttle disaster, threatening Twitter users or proposing an overthrow of the Biden administration if it doesn't support remote work.

Bad bots are coming at APIs! How to beat the API bot attacks?
2022-09-12 04:00

How can you protect your APIs from bots and bot attacks? Keep reading to learn effective ways for API bot detection and protection. Why is the risk of bot cyberattacks on APIs so high and common? 40% of organizations reported that more than half of their applications are exposed to third-party services or the internet owing to APIs.

Ukraine dismantles more bot farms spreading Russian disinformation
2022-09-07 15:47

The Cyber Department of the Ukrainian Security Service dismantled two more bot farms that spread Russian disinformation on social networks and messaging platforms via thousands of fake accounts. To hide his identity, he used forged Ukrainian documents, Russian e-mail services, and virtual phone numbers of Russian and Belarusian mobile operators for verification.

Cybercriminals are using bots to deploy DDoS attacks on gambling sites
2022-08-19 03:00

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of June, DDoS attacks increased and impacted 10% of gambling sites.

Russian military uses Chinese drones and bots in combat, over manufacturers' protests
2022-08-17 05:30

Russia's military has praised civilian grade Chinese-made drones and robots for having performed well on the battlefield, leading their manufacturers to point out the equipment is not intended or sold for military purposes. "When assembling the M-81, Chinese technologies are used, the cost is 1 million rubles. The company plans to launch production in Russia," reported Russian tech media source iXBT. In late July, Unitree tweeted that it "Opposes any form of refit and behavior that is harmful or potentially harmful for human beings" and that it only manufactures and sells civilian products.

Ukraine takes down 1,000,000 bots used for disinformation
2022-08-03 15:51

The Ukrainian cyber police has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks. The messages spread by the bots were in line with Russian propaganda, so the operators of the disinformation machine are believed to be members of the Russian special services.

Bot army risk as 3,000+ apps found spilling Twitter API keys
2022-08-02 14:45

Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications. Researchers at the company say they've uncovered 3,207 apps leaking Twitter API keys, which can be used to gain access to or even entirely take over Twitter accounts.

Google battles bots, puts Workspace admins on alert
2022-06-30 16:00

Google has added API security tools and Workspace admin alerts about potentially risky configuration changes such as super admin passwords resets. Google's answer to these problems includes two API security features available in preview: one that identifies API misconfigurations and another that detects bots.