The Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we are calling RUBYCARP. Evidence suggests that this threat actor has been active for at least 10 years. Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks.

In our last blog post, we unpacked what SEO poisoning is and how it diverts organic search traffic. We examined some prevalent rank theft techniques used in SEO poisoning attacks. In this follow-up, we will dive into how automation can be used to further SEO poisoning and ranking theft attacks. With bots, adversaries can execute coordinated ranking theft at a speed and scale not possible manually.

Bots cost the average business 4.3% of online revenues every year – or $85 million for the typical enterprise – so it’s critical that businesses invest in finding the right bot protection solution. If you’re coming up against resistance within your business when seeking to procure or upgrade your bot protection capabilities, this post will give you plenty of ideas for proving why better bot management is essential – in ways that matter to everyone in your organization.

Search engine optimisation (SEO) is crucial marketing tool for driving organic traffic to websites. It works on a simple premise that users trust top search results are the most relevant to their needs. In general, we will feel much more confident digesting content or buying products or services from top search engine results.

In a story that’s making rounds, Air Canada, Canada’s largest airline, is being ordered to pay a misled customer based on information they received from one of its chatbots.

Cloudflare’s Bot Management is used by organizations around the world to proactively detect and mitigate automated bot traffic. To do this, Cloudflare leverages machine learning models that help predict whether a particular HTTP request is coming from a bot or not, and further distinguishes between benign and malicious bots. Cloudflare serves over 55 million HTTP requests per second — so our machine learning models need to run at Cloudflare scale.

For years Netacea has been reporting on the evolving scalper bot landscape. From the early days of sneaker bots, through to hobbyists snatching PlayStation 5 consoles and even vaccine appointments throughout the pandemic, we’ve closely monitored what items scalpers target. Now, a whole new breed of scalper bot has emerged – one that exploits discounts and pricing errors instead of exclusive hype drops, costing retailers hundreds of thousands in lost inventory.

How do you approach bot management? For certain businesses, the optimal approach could involve selecting a single bot management software to meet their existing bot detection and management needs. For some companies, combining behavioural analytics for identifying malicious bot behaviour and a WAF (WAAP) to defend against vulnerability exploits, DDoS attacks, and API security breaches is essential.