Imperva: Nearly Half of Internet Traffic is Bots

/in


Nearly half of all internet traffic came from bots during 2023. That’s the findings from MSSP Imperva, a Thales company, in its 2024 Bad Bot Report.

Imperva found that 49.6% of all internet traffic originated from bots in 2023, marking a 2% increase over the previous year. This was highest level of bot traffic Imperva reported since it began monitoring automated traffic in 2013.

Imperva noted that web traffic associated with “bad bots” grew to 32% in 2023, up from 30.2% in 2022. Meanwhile, traffic from human users decreased to 50.4%.

Automated traffic is costing organizations billions of dollars annually due to attacks on websites, APIs, and applications.

“Bots are one of the most pervasive and growing threats facing every industry,” said Nanhi Singh, Imperva’s general manager of application security. “From simple web scraping to malicious account takeover, spam and denial of service, bots negatively impact an organization’s bottom line by degrading online services and requiring more investment in infrastructure and customer support. Organizations must proactively address the threat of bad bots as attackers sharpen their focus on API-related abuses that can lead to account compromise or data exfiltration.”

Why MSSPs and MSPs Are Concerned About Botnets

Because botnets can lurk undetected in an organization’s computer network for years, they can eventually exploit a vulnerability to potentially launch a full-scale cyberattack and infect an entire IT network.

There are two classes of botnets, according to Jim Broome, president and chief technology officer at MSSP DirectDefense. He explained them to MSSP Alert in an article earlier this year. Those bots are those that attack apps and those that attack humans through personal computers and tablets. When an MSSP walks into a new engagement, they likely have no idea of what might be lurking in that organization’s IT estate.

“The problem is, you may inherit a legacy technology that is currently not adequate enough to protect against either current generation or last generation’s antivirus or botnet persistence,” Broome said. “You are constantly coaching the customer that they need to install the new stuff (i.e. cybersecurity…

Source…

Microsoft Security Vulnerabilities Decreased by 5% in 2023

/in


The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report.

Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability trends and tips about how to reduce identity attacks.

Microsoft reported 1,228 vulnerabilities in 2023

The total number of Microsoft vulnerabilities has remained mostly steady for the past four years, with a slight (5%) dip in 2023 from 1,292 to 1,228 reported vulnerabilities.

Microsoft vulnerability trend.
Since a rise in 2020, the number of Microsoft vulnerabilities has remained between 1,200 and 1,300. Image: BeyondTrust

“Microsoft’s efforts to promptly patch known vulnerabilities may be offsetting the discovery of new ones by reducing the window of opportunity for attackers to exploit vulnerabilities,” David Morimanno, director of identity and access management technologies, Integral Partners, told BeyondTrust. “Also, as the MS codebase matures, new vulnerabilities might be getting introduced at a slower rate.”

The rate of critical Microsoft vulnerabilities (i.e., those with a score of 9.0 or higher on NIST’s Common Vulnerability Scoring System) has slowed. There were 84 Microsoft critical vulnerabilities in 2023, compared to 89 in 2022 and a five-year high of 196 in 2020.

How Microsoft vulnerabilities are classified

Microsoft has its own severity rating system distinct from NIST, which will produce slightly different numbers. For example, 33 Microsoft vulnerabilities from 2023 were classified as critical in NIST’s scoring system, but Microsoft itself classified 84 vulnerabilities in 2023 as critical. Microsoft’s classification system still reflects the overall trend of a slight decrease in vulnerabilities year-over-year, showing a decrease in severe vulnerabilities by 6%.

BeyondTrust noted that not all recorded Microsoft vulnerabilities pose significant risk; some are mostly theoretical or would have minimal impact even if they were exploited….

Source…

Ransomware hack leaves Glendale Unified staff waiting for tax returns

/in


The IRS recently notified teachers, nurses, counselors and other faculty members in the Glendale Unified School District that they could not file their taxes this year because they already had — or at least somebody using their information did.

In December, the school district with more than 25,000 Los Angeles County students learned that it was the latest victim of a ransomware attack aimed at institutions that store sensitive data, but lack the same type of security standards of a large government agency. The attackers locked district employees out of their own system and demanded an undisclosed ransom for the safe return of their data, according to a district spokesperson. The data included employee and student names, addresses, dates of birth, Social Security and driver’s license numbers and financial account information, according to a letter sent to district employees reviewed by The Times.

In the ensuing months, the full extent of the breach emerged when district employees tried to file their federal and state income taxes but couldn’t because they’d already been filed fraudulently.

As of Friday, at least 231 union members have been affected by the breach and many were required to verify their identity with the IRS to legitimately file their taxes, said Glendale Teachers Assn. union president Taline Arsenian.

“The [union] members are spending a lot of their time to clear this issue,” Arsenian said. “It’s very time-consuming when you get down to it.”

The first sign of a problem arrived in district inboxes on Dec. 6. In an email, the district asked employees and students to stay off their Chromebook laptops and not log in to their school accounts.

“After learning of the cybersecurity incident, GUSD immediately partnered with local law enforcement, outside cybersecurity experts, and the FBI to investigate its scope and assess the potential risk to our employees and students,” district spokesperson Kristine Nam said in an email.

Around the same time, Glendale Unified reached out to employees going back 20 years, or about 14,000 people, and notified them that they could potentially be affected by the data breach, Nam said.

It’s unclear …

Source…

Tarrant Appraisal District extends protest deadline after ransomware attack

/in


Disagree with the Tarrant Appraisal District’s valuation of your residential property? You now have until May 24 to protest it.

District officials extended the deadline from May 15 after a ransomware attack at the end of March forced systems offline, delaying access to its online protest tool in the process. The group responsible for the attack, Medusa, posted taxpayer information online after the district refused to pay the ransom. Since then, the appraisal district’s essential services are back online and the board approved new funding for cybersecurity measures.

The new deadline allows residents 30 days from the time the online protest function was restored to challenge an appraisal. People can access the online protest function by logging in, heading to their dashboard and clicking the protest button on the left-hand side of the screen.

There are multiple reasons residents can protest, including concerns about incorrect valuations, tax exemptions being denied and incorrect owner or property information. The protests will be considered by the appraisal review board, which schedules hearings to review evidence and determine whether the district erred in its appraisal decision.

Commercial appraisal notices are expected to be mailed May 1, and the deadline to protest these appraisals is May 31 or 30 days from the mailing date, whichever is later.

Before then, voters will head to the polls May 4 to elect three at-large appraisal district board members. Board members do not determine protests or property appraisals.

Emily Wolf is a government accountability reporter for the Fort Worth Report. Contact her at [email protected]At the Fort Worth Report, news decisions are made independently of our board members and financial supporters. Read more about our editorial independence policy here.

This article first appeared on Fort Worth Report and is republished here under a Creative Commons license.

Source…