Security News

Malware campaign uses clever 'captcha' to bypass browser warning
2021-08-17 15:00

A malware campaign uses a clever captcha prompt to trick users into bypassing browsers warnings to download the Ursnif banking trojan.Yesterday, security researcher MalwareHunterTeam shared a suspicious URL with BleepingComputer that downloads a file when attempting to watch an embedded YouTube video about a New Jersey women's prison.

Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware
2021-08-13 21:04

Cyberattackers are using Google's reCAPTCHA and fake CAPTCHA-like services to obscure various phishing and other campaigns, according to researchers. CAPTCHAs are familiar to most internet users as the challenges that are used to confirm that they're human.

To CAPTCHA or not to CAPTCHA? Gartner analyst says OK — but don’t be robotic about it
2021-06-22 08:06

Analyst firm Gartner has advised in favour of the use of CAPTCHAs - but recommends using the least-annoying CAPTCHAs you can find. The firm's opinion is contained in a post by senior director analyst Akif Khan, who noted that CAPTCHAs create friction for humans but remain an imperfect defence against bots.

Cloudflare launches campaign to ‘end the madness’ of CAPTCHAs
2021-05-14 03:29

Cloudflare research engineer Thibault Meunier assumed that the average internet user sees a CAPTCHA once ever ten days and multiplied that by world's 4.6 billion internet users and Cloudflare's 32-second CAPTCHA-completion estimate to assert that humanity collectively spends 500 years every day completing CAPTCHAs. Cloudflare will initially support three - YubiKeys, HyperFIDO keys; and Thetis FIDO U2F. "Completing this flow takes five seconds," Meunier asserts in a post on Cloudflare's blog.

Want to get around a CAPTCHA? That’ll be 0.00094c, please
2021-04-01 05:27

CAPTCHA farms have been around for over a decade, pretty much since CAPTCHAs first became a way to protect against bots. CAPTCHA requests will be sent from the bot to the farm through an API, and at the other end a human will be available to solve the test.

Microsoft Office 365 Phishing Attack Uses Multiple CAPTCHAs
2020-10-01 18:27

Researchers are warning of an ongoing Office 365 credential-phishing attack that's targeting the hospitality industry - and using visual CAPTCHAs to avoid detection and appear legitimate. Though the use of CAPTCHAS in phishing attacks is nothing groundbreaking, this attack shows that the technique works - so much so that the attackers in this campaign used three different CAPTCHA checks on targets, before finally bringing them to the phishing landing page, which poses as a Microsoft Office 365 log-in page.

Text CAPTCHAs easily beaten by neural networks
2018-12-12 12:12

As CAPTCHA-haters know to their frequent irritation, the death of the text-based Completely Automated Procedures for Telling Computers and Humans Apart tends to be exaggerated.

Week in review: CAPTCHA-breaking AI, Australian anti-encryption bill, new issue of (IN)SECURE
2018-12-09 18:48

Here’s an overview of some of last week’s most interesting news and articles: Old and new OpenSSH backdoors threaten Linux servers OpenSSH, a suite of networking software that allows secure...

Researchers create AI that could spell the end for website security captchas
2018-12-06 06:30

Researchers have created new artificial intelligence that could spell the end for one of the most widely used website security systems. The new algorithm, based on deep learning methods, is the...

Boffins confirm AI GAN see through your text CAPTCHA test
2018-12-05 22:28

Attack bots unleashed as major sites left wide open to abuse If you're one of those people who hates picking out cars, street signs and other objects in CAPTCHA image grids, then get used to it...