Bots

Threat Advisory: Telegram Crypto Botnet STRT-TA01

The Splunk Threat Research Team (STRT) has detected the resurgence of a Crypto Botnet using Telegram, a widely used messaging application that can create bots and execute code remotely. The STRT has identified attack sources from Chinese and Iranian IP addresses specifically targeting AWS IP address space. The malicious actors behind this botnet specifically target Windows server operating systems with Remote Desktop Protocol.

How bots are ruining online gaming for players and publishers

The old saying goes “cheaters never prosper”, but sadly that is not always the case in online gaming. In dark corners of the internet, new ways of cheating at online games – and getting away with it – are being developed on an alarming scale. Both purchasable and “free to play” (F2P) games now offer rewards either in exchange for real world currency or through “grinding” in game, which takes time and effort.

Why bots are a growing problem for airline ticket sales

In the wake of the pandemic, airlines are fighting back against challenges from all directions this year. Many have banded together to protest government orders around banned routes, Covid testing and post-travel quarantine periods. International holiday-going in 2021 has become an unappealing prospect for many, due to the added expense and inconvenience imposed by Covid restrictions.

Collecting and operationalizing threat data from the Mozi botnet

Detecting and preventing malicious activity such as botnet attacks is a critical area of focus for threat intel analysts, security operators, and threat hunters. Taking up the Mozi botnet as a case study, this blog post demonstrates how to use open source tools, analytical processes, and the Elastic Stack to perform analysis and enrichment of collected data irrespective of the campaign.

11 of the worst data breaches in 2021 so far

It’s no secret that Covid-19 has accelerated the number of cyber-attacks and data breaches witnessed across the globe. Increased reliance on technology as the world worked, shopped and socialised from home increased the surface area for attackers, who capitalised on a growing amount of PII (personally identifiable information) available across the internet.

Why API testing is critical for today's business applications

An application programming interface (API) enables communication and data exchange between two separate software systems. The application (or service) layer sits between the presentation and database layers and lays out the rules of how users can interact with services, data or functions of the application. API testing is a software testing practice that tests the functionality, reliability, performance and security of an API.

Price monitoring services are increasing scraping risks for retail

A scraper bot or web scraper is a bot trying to procure, aggregate and parse data, publicly available or otherwise, from an internet-enabled source. Not all web scrapers are bad bots. In fact, some are vital to business success. Good bot activity includes content scraping for display on aggregation sites or content scraping by affiliates to market your products and services. Malicious web scrapers, on the other hand, can have the opposite effect.

Why do we need a MITRE ATT&CK-style framework for bots?

Since launching in 2015, MITRE’s ATT&CK framework has been the cybersecurity industry standard for understanding cyber-attacks and their kill chains. Now the BLADE framework is set to develop a similar understanding of business logic attacks fueled by malicious bots. In this post, we will look at why MITRE ATT&CK is so important and examine why BLADE is needed now more than ever.

How can businesses stay ahead of loyalty point fraud?

In our recent webinar featuring Netacea’s Head of eCommerce, Tom Platt, we explored the rising threat of loyalty point fraud and how businesses can reap the benefits of loyalty schemes while staying protected from attacks and retaining customer loyalty. Watch the full webinar on demand or catch up on the takeaways here.

Let 'Data bots' do the hard work of making AIOps and DataOps effortless

For a long time, IT Ops teams have been trying to keep up with the advancements in data analytics and management. In certain organizations, this problem is charged to DataOps teams. These teams are tasked with managing data growth and complexity as well as keeping pace with new technologies like Artificial Intelligence driven Ops (AIOps).