Security News

Hackers use CAPTCHA bypass to make 20K GitHub accounts in a month
2023-01-05 14:00

According to Palo Alto Networks Unit 42, the threat actors use a new CAPTCHA solving system, follow a more aggressive use of CPU resources for mining, and mixe 'freejacking' with the "Play and Run" technique to abuse free cloud resources. Whereas Sysdig identified 3,200 malicious accounts belonging to 'PurpleUrchin,' Unit 42 now reports that the threat actor has created and used over 130,000 accounts on the platforms since August 2019, when the first signs of its activities can be traced.

As Long as We’re on the Subject of CAPTCHAs
2022-12-16 20:14

There are these.

CAPTCHA
2022-12-05 12:10

This is an actual CAPTCHA I was shown when trying to log into PayPal. As an actual human and not a bot, I had no idea how to answer.

DataDome looks to CAPTCHA the moment with test of humanity that doesn't hurt
2022-07-21 12:15

DataDome - a seven-year-old company whose job it is to protect websites, mobile apps and APIs from online fraud and automated threats - doesn't believe the end of CAPTCHA is nigh. If anomalies indicate a bot is trying to access the site, DataDome's technology may move the session to a CAPTCHA. Even then, the signals will indicate whether it's the legitimate user or something else using DataDome CAPTCHA. "It's not only about if the CAPTCHA is solved," Fabre said.

A great day for non-robots: iOS 16 will bypass CAPTCHAs
2022-06-21 11:45

Apple has introduced a game-changer into its upcoming iOS 16 for those who hate CAPTCHAs, in the form of a feature called Automatic Verification. The feature does exactly what its name alludes to: automatically verifies devices and Apple ID accounts without any action from the user.

How CAPTCHAs can cloak phishing URLs in emails
2022-03-17 13:00

Security firm Avanan on Thursday published its latest analysis of a phishing technique that builds on the internet community's familiarity with CAPTCHA challenges to amplify the effectiveness of deceptions designed to capture sensitive data. CAPTCHA puzzles, such as Google's reCAPTCHA, can act as a roadblock for these scanners because the filters can't solve the puzzles.

Why are CAPTCHAs still used?
2022-03-10 07:00

If it doesn't offer the protection it once did, and its major accomplishment for the past 12 years is that it slows down the customer purchase process, we have to ask ourselves: Why are CAPTCHAs still a thing? While attack technology has evolved, CAPTCHAs have not kept up with the times.

Researchers develop CAPTCHA solver to aid dark web research
2022-01-14 18:35

A team of researchers at the Universities of Arizona, Georgia, and South Florida, have developed a machine-learning-based CAPTCHA solver that they claim can overcome 94.4% of real challenges on dark websites. The collection of cyber-threat intelligence from illicit dark web markets and forums becomes challenging and expensive, as employees have to be involved in the CAPTCHA solving step.

Microsoft Skype makes you solve a complex captcha 10 times to sign up
2022-01-03 19:57

New Skype users report frustration after being presented with a captcha that requires them to solve a complex puzzle ten times before signing up for the service. Tests by BleepingComputer confirmed the problematic captcha required when signing up for a Microsoft account via Skype-even after verifying your email address.

Malware campaign uses clever 'captcha' to bypass browser warning
2021-08-17 15:00

A malware campaign uses a clever captcha prompt to trick users into bypassing browsers warnings to download the Ursnif banking trojan.Yesterday, security researcher MalwareHunterTeam shared a suspicious URL with BleepingComputer that downloads a file when attempting to watch an embedded YouTube video about a New Jersey women's prison.