Security News
Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers...
Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. Yesterday, BleepingComputer received multiple reports that reCaptcha stopped working in the latest version of Mozilla Firefox, with the issues also reported on Twitter and Reddit.
Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims' companies.
A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. ReCAPTCHA is a popular version of the CAPTCHA technology that was acquired by Google in 2009.
ReCaptcha is Google's name for its own technology and free service that uses image, audio or text challenges to verify that a human is signing into an account. Google recently started charging for larger reCAPTCHA accounts.
An attack method discovered in 2017 for defeating the audio version of Google's reCAPTCHA system using speech-to-text services has once again been resurrected. A team of researchers from the University of Maryland showed in 2017 that online speech-to-text services could be used to automatically solve reCAPTCHA v2 audio challenges with a high degree of accuracy.
Google insists it doesn't use reCAPTCHA data for personalized adverts, and says as much in the reCAPTCHA terms of service. Google's reCAPTCHA terms of service state that the service sends device and application data to the company.
Google insists it doesn't use reCAPTCHA data for personalized adverts, and says as much in the reCAPTCHA terms of service. Google's reCAPTCHA terms of service state that the service sends device and application data to the company.
Cyber scammers are starting to use legitimate reCAPTCHA walls to disguise malicious content from email security systems, Barracuda Networks has observed. The reCAPTCHA walls prevent email security systems from blocking phishing attacks and make the phishing site more believable in the eyes of the user.
Cloudflare is nixing Google's reCAPTCHA tool and replacing it with what the network services company's CEO calls "a better CAPTCHA" service, hCaptcha. Cloudflare said the main driver for the swap was that Google is now charging for use of its reCAPTCHA tool - but customer privacy and availability were other factors.