Security News

According to Gcore, in 2022, the number and volume of DDoS attacks will roughly double compared to 2021. Rew, which business sectors are being attacked more often than others in 2022?

He likens prompt injection attacks to SQL injection, which can deliver sensitive information to an attacker if they input malicious code into a field that doesn't sanitize data. Days after Willison's blog post, Twitter users attacked a GPT-3 bot designed to help run remote jobs called Remoteli.io, tricking it into doing things like taking responsibility for the Challenge space shuttle disaster, threatening Twitter users or proposing an overthrow of the Biden administration if it doesn't support remote work.

How can you protect your APIs from bots and bot attacks? Keep reading to learn effective ways for API bot detection and protection. Why is the risk of bot cyberattacks on APIs so high and common? 40% of organizations reported that more than half of their applications are exposed to third-party services or the internet owing to APIs.

The Cyber Department of the Ukrainian Security Service dismantled two more bot farms that spread Russian disinformation on social networks and messaging platforms via thousands of fake accounts. To hide his identity, he used forged Ukrainian documents, Russian e-mail services, and virtual phone numbers of Russian and Belarusian mobile operators for verification.

Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of June, DDoS attacks increased and impacted 10% of gambling sites.

Russia's military has praised civilian grade Chinese-made drones and robots for having performed well on the battlefield, leading their manufacturers to point out the equipment is not intended or sold for military purposes. "When assembling the M-81, Chinese technologies are used, the cost is 1 million rubles. The company plans to launch production in Russia," reported Russian tech media source iXBT. In late July, Unitree tweeted that it "Opposes any form of refit and behavior that is harmful or potentially harmful for human beings" and that it only manufactures and sells civilian products.

The Ukrainian cyber police has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks. The messages spread by the bots were in line with Russian propaganda, so the operators of the disinformation machine are believed to be members of the Russian special services.

Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications. Researchers at the company say they've uncovered 3,207 apps leaking Twitter API keys, which can be used to gain access to or even entirely take over Twitter accounts.

Google has added API security tools and Workspace admin alerts about potentially risky configuration changes such as super admin passwords resets. Google's answer to these problems includes two API security features available in preview: one that identifies API misconfigurations and another that detects bots.

Out-of-control scalper bots have created havoc in Israel by registering public service appointments for various government services and then offering to sell them to disgruntled citizens. The bot's operators attempted to sell appointments for a range of government agencies for over $100, including passport renewal, the Israeli Ministry of Interior, the Ministry of Transport, National Insurance, Israel Post, and the Israeli state Electricity Company.