Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bots

Cybersecurity Sessions S02E01: AI ethics, ticket scalping, Russian disinformation, card cracking

Welcome to a new format for the Cybersecurity Sessions! We’ve refocused our podcasts to provide insights into the latest news and trends in cybersecurity, calling on the expertise of Netacea’s threat researchers, bot specialists and business leaders. This month, new host Dani Middleton-Wren is joined by Matthew Gracey-McMinn, Chris Pace and Tom Platt. First they discuss the ever-intriguing topic of ethics in AI, with facial recognition tech from Clearview AI and PimEyes coming under legal and moral scrutiny, followed by the practicalities of fighting back against automated ticket scalping.
netacea

What does Genesis Market's demise mean for other sites selling digital identities?

As reported widely in the press, the Genesis Market is no more. On Tuesday 4th April 2023, the FBI seized control of the infamous marketplace that’d had hundreds of thousands of stolen digital identities for sale, replacing its login page with a takedown notice and call for further information from its users.

Forescout

Forescout Research - Vedere Labs Releases String Deobfuscation Tool for Analysis of Mirai IoT Botnet Variants

As part of our recently released 2022 Threat Roundup report, Forescout Vedere Labs described how the Mirai IoT botnet continues to evolve via new variants and adaptations, such as Gafgyt and RapperBot, more than six years after it started taking over IoT devices and had its source code leaked.

bitsight

Tofsee Botnet: Proxying and Mining

In January 2023, PrivateLoader, a malware loader from a pay-per-install malware distribution service called “ruzki”, started to distribute Tofsee (a.k.a. Gheg), a modular spambot. Spambots are typically utilized by cybercriminals to spread malware and phishing emails, and this particular one has been in operation since at least 2008.

netskope

Emotet Comeback: New Campaign Using Binary Padding to Evade Detection

Emotet is undoubtedly a very resilient botnet. Even though its operation was disrupted by Europol in January 2021, Emotet came back a few months later and continues to spread. In May 2022, shortly after Microsoft released new controls related to malicious macros, Netskope Threat Labs analyzed an Emotet campaign where they were testing a new delivery method, by using LNK files.

Stalkerware Exposed | Cybersecurity Sessions #16 with Martijn Grooten

Our reliance on personal mobile devices leaves us vulnerable to attack; not just from anonymous criminal groups, but in some cases, from those closest to us. Stalkerware, a category of apps designed to secretly monitor the unsuspecting victim whose device they’re installed on, are a growing concern for security and privacy advocates, as well as law enforcement agencies.
netacea

The Dark Side of AI: How Malicious Bots May Exploit ChatGPT

In recent years, the world of artificial intelligence (AI) has seen a significant increase in the use of language models. ChatGPT, a language generation model developed by OpenAI, has been making waves in the news with its ability to process large amounts of data, which can be used to train machine learning models and to test them. One feature that’s grabbed headlines is its ability to write code and provide feedback on the accuracy and efficiency of code.

Arctic Wolf

Why Bots Threaten Your Cybersecurity

Say what you want about bots, but you have to admire their versatility. Bots do everything from rank Google results and serve up cat photos on your Facebook feed, to sway elections and defraud retailers. Basically, they’re quite flexible. These days, bad bots are big business, with cybercriminals around the world using them to fraudulently access accounts, attack networks, and steal data.

tanium

Cyber Trends for 2023: The Bots are Still Coming, but Humans are Driving Them

If one topic has been on the minds of CISOs and CIOs alike over the last three years of Covid and post-Covid hybrid enterprise work environments, it’s ransomware. A distributed tech workforce — using distributed software services — proved to be no match for highly automated ransomware bots and malware executing encryption attacks. But this year, like the end of War of the Worlds, the attacking bots may suddenly fall silent.