Tag Archive for: Identify

Beating the bad bots: Six ways to identify and block spam traffic

/in


Advancements in technology have helped us propel forward, changing the way we work and live our daily lives. However, its rapid adoption has led to less sombre means. We have all seen and participated in those various bot tests that some websites carry out, where we have to select the picture tiles which have particular objects. This is to control the usage of the site and reduce spam traffic.

Spam traffic is used in some cases by cybercriminals to commit scams and fraud and has become a tool for phishing scam and malware spread. It is problematic as it is inexpensive to create and send. In 2020, spam messages accounted for a colossal 58.71 percent of email traffic as the graph above indicates.

What is a bad bot?

Source…

Researchers identify 223 vulnerabilities used in recent ransomware attacks

/in


Ransomware is getting worse. Cybersecurity analysts have been screaming this sentiment from the rooftops for years, but now new research examining the expanding landscape of software vulnerabilities leveraged in ransomware attacks offers up some hard numbers that put the depth of this problem into context.

Researchers from RiskSense have identified as many as 223 distinct IT security vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database that were tied to attacks involving ransomware in 2020. That represents a fourfold increase in the number of ransomware-related vulnerabilities discovered in their last report published in 2019.

Ransomware families are growing and becoming more complex as well. The previous report found 19 separate ransomware families; this version identified at least 125. These groups are increasingly expanding their operations, creating new malware variants, selling their tools to third parties and targeting flaws in software and web applications.

Approximately 40% of the 223 CVEs tied to recent ransomware attacks fall under five commonly identified security weaknesses: permissions, privileges and access controls, code injection, improper input validation, improper restriction of operations within the bounds of a memory buffer and exposure of sensitive information to an unauthorized user. These overlaps “make it easy to predict that new vulnerability disclosures with similar traits will be of interest to ransomware families,” the report states.

Srinivas Mukkamala, CEO and co-founder of RiskSense, told SC Media that their research indicates this broadened attack surface is being driven by both short-term trends, like COVID-19 pushing more businesses online, as well as broader developments in digital transformation and cloud adoption throughout industry. These factors have combined to push many organizations toward adoption of technologies – like cloud applications, VPNs and home networks – with bugs and misconfigurations that are most likely to be exploited by ransomware groups.

“All of [those trends] actually opened up the aperture and attack surface for ransomware to target and if you look at…

Source…

Beating The Bad Bots: Identify and Block Spam Traffic To Boost Your Google Ranking

/in


Advancements in technology have helped us propel forward, changing the way we work and live our daily lives. However, its rapid adoption has led to less sombre means. We have all seen and participated in those various bot tests that some websites carry out, where we have to select the picture tiles which have particular objects. The measure is taken by sites to reduce spam traffic.

(Source: Statista)

Spam traffic is used in some cases by cybercriminals to commit scams and fraud and has become a tool for a phishing scam and malware spread. It is problematic as it is inexpensive to create and send. In 2020, spam messages accounted for a colossal 58.71% of email traffic as the graph above indicates. 

It also has a negative impact on your Google ranking. No body like spam traffic, including Google. Once the search engine leader identifies increasing bot traffic on a particular website, it starts penalising and push ranking down.

What is Bad Bot?

There are a range of different bots that you find on the backend of the internet carrying out different types of tasks. Some are harmless such as search engine bots used by Google and Bing, which help the service specifically by browsing the internet to help make available content that can be useful to users based on search queries.

However, bad bots are used in an entirely different way to serve a different purpose. These include. Searching sites and scraping data of it to benefit other sites or sell on and steal information and repost it under a different identity.

Bad Bots also can disturb site metrics as they inflate search results and increase website traffic unnecessarily, leading to slower loading times and unnecessary investments in hardware to maintain the website infrastructure. As we can see from the graph below, in 2019, 24% of traffic emanated from the movement of bad bots.

(Source: Imperva)

They are also able to perform malicious acts on-site, which lead to damaging networks through things such as distributed denial of service (DDoS) attacks. These attacks flood sites with data higher than a level that it can handle. 

Bad Bots are mostly organised on botnets which are a collection of internet-connected devices that have been…

Source…