Security News
According to Palo Alto Networks Unit 42, the threat actors use a new CAPTCHA solving system, follow a more aggressive use of CPU resources for mining, and mixe 'freejacking' with the "Play and Run" technique to abuse free cloud resources. Whereas Sysdig identified 3,200 malicious accounts belonging to 'PurpleUrchin,' Unit 42 now reports that the threat actor has created and used over 130,000 accounts on the platforms since August 2019, when the first signs of its activities can be traced.
DataDome - a seven-year-old company whose job it is to protect websites, mobile apps and APIs from online fraud and automated threats - doesn't believe the end of CAPTCHA is nigh. If anomalies indicate a bot is trying to access the site, DataDome's technology may move the session to a CAPTCHA. Even then, the signals will indicate whether it's the legitimate user or something else using DataDome CAPTCHA. "It's not only about if the CAPTCHA is solved," Fabre said.
Apple has introduced a game-changer into its upcoming iOS 16 for those who hate CAPTCHAs, in the form of a feature called Automatic Verification. The feature does exactly what its name alludes to: automatically verifies devices and Apple ID accounts without any action from the user.
Security firm Avanan on Thursday published its latest analysis of a phishing technique that builds on the internet community's familiarity with CAPTCHA challenges to amplify the effectiveness of deceptions designed to capture sensitive data. CAPTCHA puzzles, such as Google's reCAPTCHA, can act as a roadblock for these scanners because the filters can't solve the puzzles.
If it doesn't offer the protection it once did, and its major accomplishment for the past 12 years is that it slows down the customer purchase process, we have to ask ourselves: Why are CAPTCHAs still a thing? While attack technology has evolved, CAPTCHAs have not kept up with the times.
A team of researchers at the Universities of Arizona, Georgia, and South Florida, have developed a machine-learning-based CAPTCHA solver that they claim can overcome 94.4% of real challenges on dark websites. The collection of cyber-threat intelligence from illicit dark web markets and forums becomes challenging and expensive, as employees have to be involved in the CAPTCHA solving step.
New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. Tests by BleepingComputer confirmed the problematic captcha required when signing up for a Microsoft account via Skype-even after verifying your email address.
A malware campaign uses a clever captcha prompt to trick users into bypassing browsers warnings to download the Ursnif banking trojan.Yesterday, security researcher MalwareHunterTeam shared a suspicious URL with BleepingComputer that downloads a file when attempting to watch an embedded YouTube video about a New Jersey women's prison.