Grinch Bots are here to ruin your Cyber Monday

Wand | December 01, 2019

Grinch Bots are here to ruin your Cyber Monday
Consumers may think they're avoiding the Black Friday rush by waiting for Cyber Monday, but you may have to battle a bunch of bots for that hot item. Up to 97 percent of all online traffic to regular login pages this holiday shopping week comes from bots, largely operated by organized gangs of cyber criminals, according to estimates by cyber security from Radware. The bots fill out online forums and swift through retail sites faster than a regular person can. They find the best deals before you have even filled your cart up. The items are then sold for a higher price on third-party sites.The cyber thieves also crack into accounts, drain accounts of rewards and other digital currency, conduct credit card fraud, and more, said Ron Winward, a Radware spokesman.

Spotlight

"Advanced attacks described as advanced persistent threats (APTs) involve activity largely supported,
directly or indirectly, by a nation-state."

Related News

Operational resource aimed at helping small newsrooms shore-up their cybersecurity practices

prnewswire | October 15, 2020

Today the Global Cyber Alliance (GCA) released the GCA Cybersecurity Toolkit for Journalists at the 2020 Online News Association conference. The toolkit is a free, operational resource aimed at helping journalists, watchdogs, and small newsrooms shore-up their cybersecurity practices. Journalists around the world have long been targets of cyber attacks, whether reporting on crime, politics, or simply being a target for the spread of disinformation. Recent examples include an Angolan journalist reporting on the embezzlement of public funds and two Turkish journalists whose accounts and devices were compromised after reporting on the death of Turkish soldiers in Libya. In order to provide some practical resources to manage these risks, GCA assembled a set of tools that journalists can use to shore up their cyber defenses, protect their devices and data, and help safeguard their online presence.

Read More

DATA SECURITY

75% of IT Leaders are Unconvinced About the Security of their Web Applications

Cymatic | April 12, 2021

Today, Cymatic released new research on the state of web application security. While IT leaders tend to be somewhat confident in their existing solutions, relying on various products renders smooth adoption of emerging tools—and therefore overall cyber threat prevention—a major task. Pulse conducted a study of C-suite and VP-level executives in information technology and cybersecurity and discovered that the most common approaches to web application safety fail to engender the trust necessary for effective cyber attack protection. Among the key findings are: • While 91% of executives spend up to a third of their web app technology budget on security, privacy, and compliance activities, they continue to rely heavily on strong password standards to protect against cyber threats. • MFA, WAFs, and CAPTCHAs are the top technologies used to protect web apps, with 75%, 74%, and 63%, respectively. • Account takeovers are the threat scenarios that most concern 73% of respondents. “After spending twenty-five years spending time and money cleaning up after breaches and hackers whose creativity was still at least one step ahead of network protections, I was able to see where all the security holes are,” said Cymatic Founder and CEO Jason Hollander. “We created the CymaticONE platform to fill those holes and reduce the complexity of existing web application solutions, making it simpler and easier to defend against modern-day attack vectors.” The Cymatic platform provides universal in-session visibility and control to minimize risk across web applications, networks, and users, while also reducing network traffic loads and removing user friction. Unlike standard WAFs, which only defend against network-based threats, Cymatic employs advanced artificial intelligence and machine-learning algorithms to detect page mutations and user anomalies. The platform protects against user-generated and device-based risks such as poor credential hygiene, dark web vulnerabilities, and potentially risky devices. It is completely invisible to users, deploys in minutes, and has an absolute time-to-value. Although many respondents defined obstacles to change their existing web application firewall (WAF) installations, nearly 90% expect to reconsider their investments within the next six to 18 months. Cymatic provides the first web application firewall to combine client-side WAF protection with a proprietary vulnerability, awareness, detection, and response (VADRTM) AI engine to avoid user- and app-based threats in their tracks, making it simple for any company to bridge gaps in their installations. Unlike other products that make static decisions based on siloed threat signals, Cymatic correlates and evaluates thousands of signals around a dozen threat vectors in real-time to provide a higher level of security accuracy without compromising user experience or application efficiency. Only Cymatic provides full real-time visibility and protection against all code-injection attacks, user risk, and session fraud—all with a single line of javascript. About Cymatic Cymatic is the only company that provides a web application firewall (WAF) solution that combines client-side WAF protections with a proprietary vulnerability, awareness, detection, and response (VADRTM) engine to provide immediate and continuous in-session intelligence regarding devices, users, and locations. Cymatic's first-look, the first-strike capability is the first in the kill chain, reducing risk across applications, networks, and users while ensuring organizations comply with today's security-driven regulations. The solution is undetectable to users, deploys in minutes, and operationalizes in seconds. Cymatic is based in Raleigh, North Carolina, and has branches in California and New York.

Read More

DATA SECURITY

Optiv Security Launches Next-Gen Managed XDR to Stop Threats Earlier in Attack Lifecycle, Minimize Business Impact

Optiv | August 09, 2021

Optiv Security, the leading end-to-end cybersecurity solutions partner, launched its Managed Extended Detection and Response (MXDR) offering at Black Hat USA 2021. The technology-independent offering enables clients to take rapid and decisive action against today's most critical cyberattacks and strengthen their security posture. "Optiv MXDR brings simplicity, transparency and automation to clients' environments, enhancing existing defenses to counter known and emerging threats with confidence and speed," said David Martin, chief services officer for Optiv. "What's more, we can seamlessly leverage the power of Optiv to extend and layer the offering with a full suite of complementary services like remediation, incident response, threat hunting, and beyond." Optiv MXDR is the only managed cloud-based, next-gen advanced threat detection and response service that ingests data across various layers of technologies to correlate, normalize, enrich, and enable automated responses to malicious activity in real-time. By automating incident investigation with actionable insights, organizations can detect threats faster and prioritize which threats to mitigate first, significantly reducing the attack surface. "We know the threat landscape; both what's at stake and how to circumvent threat actors while significantly reducing time to detect and respond," said John Ayers, XDR vice president for Optiv. "We meet clients where they are and customize our continuously managed approach to ease the burden of the unknown and allow teams to detect, respond and remediate threats faster while also automating deeper investigation for future improvements." Devo has been named a foundational partner in Optiv MXDR, delivering scalable, cloud-native logging and security analytics via the Devo Platform, enabling full visibility across cloud and on-premise environments for Optiv customers. "Security teams are eager to learn more about XDR as they look to consolidate their security stack for greater efficiency and accuracy in threat detection and response," said Ted Julian, SVP of Product at Devo. "Two constraints have always stood in their way: lack of real-time access to historical data, and the inability to collect and analyze the massive data volumes associated with modern operational environments. Devo eliminates these concerns and is uniquely qualified to power solutions like Optiv's MXDR." Optiv delivers threat management solutions to more than 60 percent of Fortune 500 companies. View the complete MXDR service brief and find out how organizations can enhance their security posture with Optiv. Optiv Security: Secure your security.TM Optiv is a security solutions integrator "one-stop" trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, cyber operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment.

Read More

Spotlight

"Advanced attacks described as advanced persistent threats (APTs) involve activity largely supported,
directly or indirectly, by a nation-state."