Fake Invoices Spread Through DocuSign’s API in New Scam

 



Cyber thieves are abusing DocuSign's Envelopes API to send fake invoices that look genuine, complete with the names of well-known brands such as Norton and PayPal. Because these messages are sent from a verified domain, namely DocuSign's, they get past traditional email security controls and are not detected as malicious.

How It Works

DocuSign is an electronic signing service used for sending, signing, and managing documents digitally. Using the Envelopes API within its eSignature system, document requests can be sent out, signed, and tracked entirely automatically. Attackers, however, have discovered how to take advantage of this API: by setting up accounts on DocuSign, they gain access to the templates and the branding feature. They can then create fake invoices that are almost indistinguishable from official ones coming from established companies.

These scammers use the "Envelopes: create" function to send an enormous number of fake bills to a huge list of recipients. In most cases, the charges in the bill are realistic, which makes the invoice appear more legitimate. To obtain a signature, the attackers instruct the recipient to "sign" the document. The attackers then use the signed document to ask for payment. In other instances, attackers forward the "signed" documents directly to the finance department to complete the scam.


Mass Abuse of the DocuSign Platform

According to the security research firm Wallarm, this type of abuse has been ongoing for some time. The company noted that the mass exploitation is visible in online forums, where DocuSign customers have complained about constant spam and phishing emails from the DocuSign domain. "I'm suddenly receiving multiple phishing emails per week from docusign.net, and there doesn't seem to be an obvious way to report it," complained one user.

These complaints imply that the abuse occurs on a very large scale, which makes it very probable that the attackers spread the false invoices with automation tools rather than by hand.

Wallarm has already brought the abuse to DocuSign's attention, but it is not clear what steps, if any, DocuSign is taking to resolve the issue.


Challenges in Safeguarding APIs Against Abuse

Such widespread abuse of the DocuSign Envelopes API shows how open access can compromise the security of API endpoints. Although the DocuSign service is intended for verified businesses, attackers buy valid accounts and use the functions offered by the API for malicious purposes. Nor is this unique to DocuSign: several other companies have seen the same kind of abuse of their APIs. For instance, hackers have used APIs to validate millions of phone numbers associated with Authy accounts, scrape information about millions of Dell customers, match millions of Trello accounts with emails, and much more.

The DocuSign case shows how abuse of a platform justifies stronger protections for digital services that give access to sensitive tools. Because these API-based attacks have become so widespread, firms like DocuSign may be forced to become more watchful and to tighten controls against misuse of their products, particularly with regard to paid accounts whose users have full access to the tools at their disposal.


CrossBarking Exploit in Opera Browser Exposes Users to Extensive Risks

 

A new browser vulnerability called CrossBarking has been identified, affecting Opera users through “private” APIs that were meant only for select trusted sites. Browser APIs bridge websites with functionalities like storage, performance, and geolocation to enhance user experience. Most APIs are widely accessible and reviewed, but private ones are reserved for preferred applications. Researchers at Guardio found that these Opera-specific APIs were vulnerable to exploitation, especially if a malicious Chrome extension gained access. Guardio’s demonstration showed that once a hacker gained access to these private APIs through a Chrome extension — easily installable by Opera users — they could run powerful scripts in a user’s browser context. 
The malicious extension was initially disguised as a harmless tool, adding pictures of puppies to web pages. 

However, it also contained scripts capable of extensive interference with Opera settings. Guardio used this approach to hijack the settingsPrivate API, which allowed them to reroute a victim’s DNS settings through a malicious server, providing the attacker with extensive visibility into the user’s browsing activities. With control over the DNS settings, they could manipulate browser content and even redirect users to phishing pages, making the potential for misuse significant. Guardio emphasized that getting malicious extensions through Chrome’s review process is relatively easier than with Opera’s, which undergoes a more intensive manual review. 

The researchers, therefore, leveraged Chrome’s automated, less stringent review process to create a proof-of-concept attack on Opera users. CrossBarking’s implications go beyond Opera, underscoring the complex relationship between browser functionality and security. Opera took steps to mitigate this vulnerability by blocking scripts from running on private domains, a strategy that Chrome itself uses. However, they have retained the private APIs, acknowledging that managing security with third-party apps and maintaining functionality is a delicate balance. 

Opera’s decision to address the CrossBarking vulnerability by restricting script access to domains with private API access offers a practical, though partial, solution. This approach minimizes the risk of malicious code running within these domains, but it does not fully eliminate potential exposure. Guardio’s research emphasizes the need for Opera, and similar browsers, to reevaluate their approach to third-party extension compatibility and the risks associated with cross-browser API permissions.


This vulnerability also underscores a broader industry challenge: balancing user functionality with security. While private APIs are integral to offering customized features, they open potential entry points for attackers when not adequately protected. Opera’s reliance on responsible disclosure practices with cybersecurity firms is a step forward. However, ongoing vigilance and a proactive stance toward enhancing browser security are essential as threats continue to evolve, particularly in a landscape where third-party extensions can easily be overlooked as potential risks.


In response, Opera has collaborated closely with researchers and relies on responsible vulnerability disclosures from third-party security firms like Guardio to address any potential risks preemptively. Security professionals highlight that browser developers should consider the full ecosystem, assessing how interactions across apps and extensions might introduce vulnerabilities.

The Impact of Google’s Manifest V3 on Chrome Extensions

 

Google’s Manifest V3 rules have generated a lot of discussion, primarily because users fear it will make ad blockers, such as uBlock Origin, obsolete. This concern stems from the fact that uBlock Origin is heavily used and has been affected by these changes. However, it’s crucial to understand that these new rules don’t outright disable ad blockers, though they may impact some functionality. The purpose of Manifest V3 is to enhance the security and privacy of Chrome extensions. A significant part of this is limiting remote code execution within extensions, a measure meant to prevent malicious activities that could lead to data breaches.

This stems from incidents like DataSpii, where extensions harvested sensitive user data including tax returns and financial information. Google’s Manifest V3 aims to prevent such vulnerabilities by introducing stricter regulations on the code that can be used within extensions. For developers, this means adapting to new APIs, notably the WebRequest API, which has been altered to restrict certain network activities that extensions used to perform. While these changes are designed to increase user security, they require extension developers to modify how their tools work. Ad blockers like uBlock Origin can still function, but some users may need to manually enable or adjust settings to get them working effectively under Manifest V3.

Although many users believe that the update is intended to undermine ad blockers, especially since Google’s main revenue comes from ads, the truth is more nuanced. Google maintains that the changes are intended to bolster security, though skepticism remains high. Users are still able to use ad blockers such as uBlock Origin or switch to alternatives like uBlock Lite, which complies with the new regulations. Additionally, users can choose other browsers like Firefox that do not have the same restrictions and can still run extensions under their older, more flexible frameworks. While Manifest V3 introduces hurdles, it doesn’t spell the end for ad blockers. The changes force developers to ensure that their tools follow stricter security protocols, but this could ultimately lead to safer browsing experiences.

If some extensions stop working, alternatives or updates are available to address the gaps. For now, users can continue to enjoy ad-free browsing with the right tools and settings, though they should remain vigilant in managing and updating their extensions. To further protect themselves, users are advised to explore additional options such as using privacy-focused extensions like Privacy Badger or Ghostery. For more tech-savvy individuals, setting up hardware-based ad-blocking solutions like Pi-Hole can offer more comprehensive protection. A virtual private network (VPN) with built-in ad-blocking capabilities is another effective solution. Ultimately, while Manifest V3 may introduce limitations, it’s far from the end of ad-blocking extensions. 

Developers are adapting, and users still have a variety of tools to block intrusive ads and enhance their browsing experience. Keeping ad blockers up to date and understanding how to manage extensions is key to ensuring a smooth transition into Google’s new extension framework.

Why Non-Human Identities Are the New Cybersecurity Nightmare







In April, business intelligence company Sisense fell victim to a critical security breach that exposed the vulnerabilities in managing non-human identities (NHIs). The hackers accessed the company's GitLab repository, which contained hardcoded SSH keys, API credentials, and access tokens. The incident showed why securing NHIs is a must and how indispensable they have become in modern digital ecosystems.

Unlike human users, NHIs such as service accounts, cloud instances, APIs, and IoT devices manage data flow and automate processes. With NHIs now far outnumbering human users in the majority of enterprise networks, their security is crucial to prevent cyberattacks and ensure business continuity.

The Threat of Non-Human Identities

With thousands or even millions of NHIs in use within an organisation, it is no wonder that cybercriminals are turning their attention to them. These digital identities are typically less comprehensively understood and protected, which makes them an easy target. In fact, data breaches involving NHIs have already become more widespread, especially as companies increase their use of cloud infrastructure and automation.

Healthcare and finance are soft targets because these industries are subject to strict compliance regulations. Being found in violation of standards such as the Health Insurance Portability and Accountability Act (HIPAA) or the Payment Card Industry Data Security Standard (PCI DSS) can result in fines, reputational damage, and a loss of customer trust.

Why Secure NHIs?

With the complexity of digital ecosystems constantly growing, the security of NHIs becomes all the more important. Companies are moving toward a "zero-trust" security model, where no user, human or non-human, is trusted by default. Every access request needs to be verified. This concept has been especially effective in decentralised networks with large numbers of NHIs.

Locking down NHIs lets organisations control sensitive data, reduce unauthorised access, and comply with regulation. As the case of Sisense shows, when NHIs are poorly managed they very soon become a gateway for cybercriminals.

Best Practices in Managing NHI

To ensure the security of non-human identities, an organisation should adopt these best practices:

1. Continuous Discovery and Inventory
Automated processes should be in place so that there is always a live inventory of all the NHIs across the network. This inventory captures the owner, permissions, usage patterns, and associated risks of each NHI. This live catalogue enhances control and monitoring of these digital identities.

2. Risk-Based Approach
Not all NHIs are the same. Some have access to highly sensitive information, while others simply perform routine tasks. Companies should have a risk-scoring system that analyses what the NHI has access to, how sensitive that is, and the effect if it is compromised. A share of the security effort is then allocated based on those with the highest scores.

3. Incident Response Action Plan
Organisations should have a structured incident response plan aligned with NHIs. They should also have pre-defined playbooks for breaches related to non-human identities. These playbooks should outline the phases involved in the incident containment, mitigation, and resolution process, as well as the communication protocols with all stakeholders.

4. NHI Education Program
A good education program limits the security risks associated with NHIs. Developers should be trained in secure coding practices, including the dangers of hardcoded credentials, and operations teams in properly rotating and monitoring NHIs. Regular training ensures that all employees are aware of best practices.

5. Automated Lifecycle Management
NHIs should be created, updated, and retired automatically, so that security policies are enforced at every stage of the identity lifecycle. This eliminates human errors such as unused or misconfigured NHIs that attackers could exploit.

6. Non-Human Identity Detection and Response (NHIDR)
NHIDR tools set baseline behaviour patterns for NHIs and detect anomalies that could indicate a breach. Organisations can monitor the activities of NHIs with these tools and respond quickly to suspicious behaviour, thereby preventing more breaches.

7. Change Approval Workflow
In most cases, a change approval workflow should be in place before changes to NHIs, such as changes of permissions or transfers between systems, take effect. The security and IT teams must assess and approve the change so that no unnecessary risks are introduced.

8. Exposure Monitoring and Rapid Response
Organisations must monitor NHIs for exposure, which means identifying and resolving vulnerabilities quickly. Automated monitoring solutions can find exposed credentials or compromised APIs, set off alerts, and initiate incident response procedures before a potentially malicious actor can act.
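The hardcoded SSH keys, API credentials and access tokens in the Sisense repository are the kind of exposure that practices 4 and 8 aim to catch. The following is an added example, not code from the original post or from any vendor named in it: a minimal repository scanner that combines fixed-format rules with an entropy check on quoted assignments. The rule names, the 3.5-bit threshold and the sample repository are assumptions made for illustration; all sample values are constructed.

```python
import math
import re
from collections import Counter
from typing import NamedTuple


class Finding(NamedTuple):
    path: str
    line: int
    rule: str
    excerpt: str  # redacted, so the report itself does not leak the secret


# Credential formats with a fixed, recognisable shape.
SPECIFIC_RULES = [
    ("private-key", re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")),
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("gitlab-pat", re.compile(r"\bglpat-[0-9A-Za-z_-]{20}")),
]

# Generic rule: a secret-looking name assigned a quoted literal of 8+ characters.
ASSIGNMENT = re.compile(
    r"""(?i)(?:password|passwd|secret|token|api[_-]?key)\w*\s*[:=]\s*["']([^"']{8,})["']"""
)
ENTROPY_THRESHOLD = 3.5  # bits per character; assumed cut-off to skip placeholders


def shannon_entropy(value: str) -> float:
    """Shannon entropy of the string in bits per character."""
    total = len(value)
    return -sum(n / total * math.log2(n / total) for n in Counter(value).values())


def redact(secret: str) -> str:
    """Keep just enough of the match to locate it in the file."""
    return f"{secret[:4]}**** ({len(secret)} chars)"


def scan_text(path: str, text: str) -> list:
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        specific_hit = False
        for rule, pattern in SPECIFIC_RULES:
            match = pattern.search(line)
            if match:
                specific_hit = True
                findings.append(Finding(path, lineno, rule, redact(match.group(0))))
        if specific_hit:
            continue  # do not report the same line twice under the generic rule
        for match in ASSIGNMENT.finditer(line):
            value = match.group(1)
            # Low-entropy literals such as "changeme" are placeholders, not keys.
            if shannon_entropy(value) >= ENTROPY_THRESHOLD:
                findings.append(
                    Finding(path, lineno, "high-entropy-assignment", redact(value))
                )
    return findings


def scan_repo(files: dict) -> list:
    """files maps a repository path to that file's text content."""
    findings = []
    for path, text in files.items():
        findings.extend(scan_text(path, text))
    return findings


# Constructed sample repository; none of these values is a real credential.
SAMPLE_REPO = {
    "deploy/config.py": (
        'DB_PASSWORD = "changeme"\n'
        'API_TOKEN = "q7Zx2LmP9vRt4KsW8yBn"\n'
        'REGION = "eu-west-1"\n'
    ),
    "deploy/id_rsa": (
        "-----BEGIN OPENSSH PRIVATE KEY-----\n"
        "(constructed placeholder, not a key)\n"
        "-----END OPENSSH PRIVATE KEY-----\n"
    ),
    "ci/.gitlab-ci.yml": (
        "variables:\n"
        '  AWS_ACCESS_KEY_ID: "AKIAEXAMPLEEXAMPLE12"\n'
        "  CI_TOKEN: $CI_JOB_TOKEN\n"
    ),
    "app/settings.py": 'import os\nAPI_TOKEN = os.environ["API_TOKEN"]\n',
}

if __name__ == "__main__":
    for finding in scan_repo(SAMPLE_REPO):
        print(f"{finding.path}:{finding.line}: {finding.rule}: {finding.excerpt}")
```

Run as a pre-commit or CI step, a check like this blocks the commit; a credential that has already reached a shared repository still has to be rotated, since removing it from the latest revision does not remove it from history.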

The Business Case for NHI Management

Investment in the proper management of NHIs can produce large, long-term benefits. Companies can prevent data breaches that cost on average $4.45 million per incident and protect the bottom line. Simplified NHI processes also help save precious IT resources, freeing security teams to focus on strategic initiatives.

For industries that require high levels of compliance, such as health and finance, much of the NHI management investment often pays for itself through better regulatory compliance. With a good NHI management system, organisations can innovate more safely, knowing their digital identities are secure.

As businesses rely more and more on automation and the cloud, they will depend on solid and well-rounded management of NHIs. A good approach to NHI management goes a long way toward preventing security breaches and ensuring industry compliance. Such a posture will not only protect the data but also help the organisation position itself as a long-term winner in the fast-changing digital world.


Club Penguin Fans Target Disney Server, Exposing 2.5 GB of Internal Data

 

Club Penguin fans reportedly hacked a Disney Confluence server to collect information about their favourite game but ended up with 2.5 GB of internal corporate data instead. 

From 2005 until 2018, Club Penguin was a multiplayer online game (MMO) that included a virtual world where users could engage in games, activities, and talk with one another. The game was produced by New Horizon Interactive, which Disney later purchased. 

While Club Penguin was officially closed in 2017 and replaced by Club Penguin Island in 2018, the game is still available on private servers hosted by fans and independent developers. Despite Disney's opposition to a more prominent 'Club Penguin Rewritten' replica, which resulted in the arrest of its owners, private servers with thousands of players continue to exist today. 

Earlier this week, an anonymous user posted a link to "Internal Club Penguin PDFs" on the 4Chan message board, with the simple statement, "I no longer need these :)."

The link takes you to a 415 MB collection with 137 PDFs including old Club Penguin internal information such as correspondence, design schematics, documentation, and character sheets. All of this data is at least seven years old, making it solely interesting to game fans. 

BleepingComputer has recently discovered that the Club Penguin data is simply a small part of a much bigger data set stolen from Disney's Confluence server, which houses documentation for different business, software, and IT initiatives used internally by Disney. 

The source says Disney's Confluence servers were compromised using previously leaked passwords. According to the insider, the threat actors were initially looking for Club Penguin data but ended up collecting 2.5 GB of data regarding Disney's corporate strategies, advertising plans, Disney+, internal developer tools, commercial projects, and infrastructure. 

The data includes documentation on a wide range of initiatives and projects, as well as information on internal developer tools Helios and Communicore, which were not previously made public.

Dell API Abused to Steal 49 Million Customer Records in Data Breach


The threat actor responsible for the recent Dell data breach stated that he scraped information from 49 million customer records via a partner portal API that he accessed as a phony organization.

Dell had begun sending alerts to customers informing them that their personal information had been stolen in a data breach.

The Breach

This data breach compromised customer order data, which included warranty information, service tags, customer names, installed locations, customer numbers, and order numbers.

On April 28th, a threat actor, Menelik, posted the data for sale on the Breached hacking forum, but the administrators quickly removed the post. 

Menelik said that they were able to obtain the data after discovering a portal where partners, distributors, and merchants could look up order information.

Menelik claims that by opening many identities under bogus firm names, he could gain access to the portal within two days without verification.

Registering as a Partner is quite simple. You simply fill out an application form, Menelik explained.

APIs are being exploited in data breaches

Easy-to-access APIs have become a major business liability in recent years, with threat actors exploiting them to scrape sensitive data and sell it to other threat actors.

Threat actors linked phone numbers to approximately 500 million accounts in 2021 by exploiting a Facebook API issue. This data was leaked nearly for free on a hacking site, requiring only an account and a $2 fee to get it.

Later that year, in December, threat actors used a Twitter API flaw to connect millions of phone numbers and email addresses to Twitter accounts, which were then sold on hacking forums.

Lessons Learned

This breach serves as a stark reminder of several critical lessons:

API Security Matters: APIs are essential for seamless communication between systems, but their security must not be overlooked. Regular audits and robust access controls are crucial.

Third-Party Risks: Partner portals and third-party integrations can introduce vulnerabilities. Companies must assess and monitor these connections rigorously.

Data Minimization: Collect only the data necessary for business operations. The less data stored, the less there is to lose.

Incident Response: Dell’s swift response demonstrates the importance of having an effective incident response plan. Preparedness matters.

The Scale

The sheer volume of compromised records—49 million—underscores the severity of the breach. Such a massive data leak can have far-reaching consequences for affected individuals. From identity theft to targeted phishing attacks, the fallout can be extensive.

Dell’s Response

Dell promptly detected the breach and took action. They notified affected customers about the incident, urging them to be cautious and vigilant. Additionally, Dell is enhancing security protocols to prevent similar incidents in the future.

Data Breach at Real America’s Voice: User Information Compromised

 


In the past few weeks, a group of homosexual, furry hackers called SiegedSec hacked the far-right media outlet Real America's Voice and took it down. The right-wing media outlet, owned by Robert Sigg, hosts far-right commentators such as Steve Bannon and Charlie Kirk and also plays host to conspiracy theories, such as COVID-19 misinformation, 2020 election conspiracy theories, and QAnon, as well as transphobic content.

The group announced on Monday, in a post on its Telegram channel, that it had hacked the app of Real America's Voice, a right-wing media outlet founded in 2020 that regularly features far-right activists such as Steve Bannon and Charlie Kirk. Real America's Voice, which spreads conspiracy theories and transphobic rhetoric, is often attacked by SiegedSec, a furry hacker collective that has wreaked havoc on the outlet.

As part of their release, they provided data on over 1,000 users of the app, along with information on hosts Charlie Kirk, Steve Bannon, and Ted Nugent, the latter of whom wrote a song about wanting to fuck a 13-year-old girl. The group was known for hacking Minnesota's River Valley Church and using $6,000 of its money to buy inflatable sea lions.

They were also known for attacking nuclear research facilities and demanding that they focus on cat girls. SiegedSec has reportedly released personal information about more than 1,200 users of the app, including their full names, telephone numbers, and email addresses, as part of its ongoing hacktivism campaign OpTransRights. Additionally, the group said that it removed the users' data from the app's API as well as its cloud storage system, making the files go "poof".

In the Telegram message it shared with its followers, SiegedSec wrote about the optics of its actions in the Real America's Voice leak. "We have received concerns throughout the attacks that actions had been conducted against transphobic entities and that our attacks would be construed to label the LGBTQ+ community as 'terrorists' and 'criminals,'" the group stated.

"It's important to realize that these types of people are always going to blame the LGBTQ+ community, no matter what we do. They're going to look for ways to hate, they will not listen to reason, and they're going to spread lies to discredit people who are different." Data reportedly deleted from the Amazon server included information about the network's top shows, including those hosted by prominent right-wing figures like Charlie Kirk, Steve Bannon, and Ted Nugent.

There is no information available as to whether SiegedSec's actions resulted in any permanent damage to the organization. Initially launched last year after SiegedSec attacked government websites in five states over their policies regarding transgender healthcare, the #OpTransRights campaign has recently been relaunched by the group.

Following anti-transgender remarks made by the pastor of River Valley Church in Burnsville, Minnesota, SiegedSec hacked the church on April 1, relaunching the campaign the same day. After the hack, SiegedSec also used the church's Amazon account to buy inflatable sea lions worth several thousand dollars.

This hack exposed private prayer requests from 15,000 users of the church's website. Less than a week later, SiegedSec went on to dox River Valley Church's pastor, Rob Ketterling. In their statement on Monday, they also noted the concern that such attacks would negatively impact the LGBTQ+ community.

Akamai Research Exposes Vulnerability: APIs Now Prime Targets for 29% of Web Attacks

 


The State of the Internet (SOTI) reports are a series of threat and data insights from Akamai, and this year marks the 10th year in which Akamai has published them. Over that time, the focus of these reports has changed, mainly due to the evolution of the threat and operational ecosystems. During this year's conference, web application and API attacks were split into separate groups to better understand each.

As a result, API security has become more visible. The rapid deployment of APIs has resulted in several blind spots, such as zombie, shadow, and rogue APIs, which are a sign that business transformation is taking place. To find and manage all APIs, users must use cyber controls. APIs are of critical importance to the success of most companies because they improve both the employee and customer experience.

This rapid expansion of the API economy has given cybercriminals new opportunities to exploit, and they have also used digital innovation to their advantage. The most recent SOTI report, Lurking in the Shadows: Attack Trends Shine Light on API Threats, highlights that a wide range of attacks are taking place across both websites and APIs. In addition to traditional web attacks, it discusses API-specific attacks, as well as posture and runtime challenges that can be abused or allow direct attack through APIs.

As the demand for APIs increases, these attacks are predicted to continue to spike, and organizations are encouraged to properly account for and secure the APIs they use. The report also discusses how to mitigate threats and meet compliance regulations, and explores some of the most common posture and runtime problems.

The report includes several case studies that demonstrate the real-world implications of API security for an organization, and there are breakout reports containing data from the regions of Europe, the Middle East, and Africa (EMEA) as well as Asia-Pacific and Japan (APJ). APIs have long played a key role in facilitating the exchange of critical and valuable information between customers and partner organizations, but they also present a challenge to many security organizations due to the lack of API infrastructure and programming skills.

The lack of a comprehensive and accurate accounting of APIs in several organizations makes it difficult to determine how large their attack surface is. The Akamai research found that APIs are being targeted by both traditional attacks and API-specific attacks, requiring a combination of protections to keep them safe.

Akamai powers and protects life online. Countless people live, work, and play every day because Akamai powers and protects their digital experiences. Akamai Connected Cloud, a massively distributed cloud and edge platform, brings apps and experiences closer to users while keeping threats to a minimum.

5 Simple Steps to Bulletproof Your API Integrations and Keep Hackers at Bay


In today's tech-driven world, APIs (Application Programming Interfaces) are like the connective tissue that allows different software to talk to each other, making our digital experiences seamless. But because they are so crucial, they are also prime targets for hackers. 

They could break in to steal our sensitive data, mess with our systems, or even shut down services. That is why it is super important for companies to beef up their API security, protecting our info and keeping everything running smoothly, and this is where secure API integration comes in.

What Secure API Integration Is and Why It Is Important

API integrations are made secure through a combination of measures designed to protect the data and systems involved. This includes using encryption to safeguard information as it travels between systems, implementing authentication and authorization protocols to ensure that only authorized users and applications can access the API, and regularly monitoring for any suspicious activity or attempted breaches. 

Additionally, following best practices in API design and development, such as limiting the data exposed through the API and regularly updating and patching any security vulnerabilities, helps to further enhance security. Overall, a multi-layered approach that addresses both technical and procedural aspects is key to ensuring the security of API integrations. 

Here Are Five Ways to Keep API Integrations Secure: 


Use an API Gateway: Think of it as the guardian of your APIs. It keeps an eye on who is trying to access your data and blocks anyone suspicious. Plus, it logs all the requests, so you can check who has been knocking on your digital door. 

Set Scopes for Access: Just because someone was allowed in does not mean they can see everything. Scopes make sure they only get access to the stuff they really need, like a limited view of a database. It is like giving someone a key to one room instead of the whole house. 

Keep Software Updated: You know those annoying software updates that pop up? They are actually super important for security. They fix any holes that hackers might try to sneak through. So, always hit that update button. 

Enforce Rate Limits: Imagine a crowded street during rush hour. Rate limits make sure not too many cars (or requests) clog up the road at once. It helps prevent crashes and slowdowns, making sure everyone can get where they need to go smoothly. 

Monitor Logs with SIEM: It is like having a security guard watching CCTV cameras for any suspicious activity. SIEM collects all the logs from API calls and flags anything fishy. So, if someone is trying to break in, you will know right away and stop them in their tracks.
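As an added example (not code from the original post or from any gateway product), the sketch below shows how three of these measures fit together in one request path: a per-client token bucket for rate limiting, a scope check per route, and an audit log that a SIEM-style rule can query. The class and function names, routes, scopes, API key and limits are all assumptions made for illustration.

```python
import time
from collections import Counter


class TokenBucket:
    """Allows bursts up to `capacity`, refilled at `refill_per_sec` tokens/second."""

    def __init__(self, capacity: float, refill_per_sec: float):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.tokens = float(capacity)
        self.updated = None

    def allow(self, now: float) -> bool:
        if self.updated is not None:
            elapsed = now - self.updated
            self.tokens = min(self.capacity, self.tokens + elapsed * self.refill_per_sec)
        self.updated = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class Gateway:
    def __init__(self, routes, clients, capacity=3, refill_per_sec=1.0):
        self.routes = routes    # (method, path) -> scope required for that route
        self.clients = clients  # API key -> (client id, set of granted scopes)
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.buckets = {}
        self.audit_log = []

    def _log(self, now, client, method, path, status, reason):
        # The log records the client id, never the API key itself.
        self.audit_log.append({"time": now, "client": client, "method": method,
                               "path": path, "status": status, "reason": reason})
        return status

    def handle(self, api_key, method, path, now=None):
        now = time.monotonic() if now is None else now
        client = self.clients.get(api_key)
        if client is None:
            return self._log(now, "unknown", method, path, 401, "unknown API key")
        client_id, scopes = client
        bucket = self.buckets.setdefault(
            client_id, TokenBucket(self.capacity, self.refill_per_sec))
        # Rate limit before authorisation, so denied probes also use up budget.
        if not bucket.allow(now):
            return self._log(now, client_id, method, path, 429, "rate limit exceeded")
        required = self.routes.get((method, path))
        if required is None:
            return self._log(now, client_id, method, path, 404, "no such route")
        if required not in scopes:
            return self._log(now, client_id, method, path, 403,
                             f"missing scope {required}")
        return self._log(now, client_id, method, path, 200, "ok")


def flag_noisy_clients(audit_log, threshold=2):
    """SIEM-style rule: clients with at least `threshold` denied requests."""
    denied = Counter(e["client"] for e in audit_log if e["status"] in (401, 403, 429))
    return sorted(client for client, count in denied.items() if count >= threshold)


def build_demo_gateway():
    # Constructed configuration: one partner that may read orders only.
    routes = {("GET", "/orders"): "orders:read",
              ("GET", "/customers"): "customers:read"}
    clients = {"key-partner-a": ("partner-a", {"orders:read"})}
    return Gateway(routes, clients, capacity=3, refill_per_sec=1.0)


if __name__ == "__main__":
    gw = build_demo_gateway()
    for path, t in [("/orders", 0.0), ("/customers", 0.0), ("/orders", 0.0),
                    ("/orders", 0.0), ("/orders", 2.0)]:
        print(path, t, gw.handle("key-partner-a", "GET", path, now=t))
    print("flagged:", flag_noisy_clients(gw.audit_log))
```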

Dell Launches Innovative Generative AI Tool for Model Customization

Dell has introduced a groundbreaking Generative AI tool poised to reshape the landscape of model customization. This remarkable development signifies a significant stride forward in artificial intelligence, with the potential to revolutionize a wide array of industries. 

Dell, a trailblazer in technology solutions, has harnessed the power of Generative AI to create a tool that empowers businesses to customize models with unprecedented precision and efficiency. This tool comes at a pivotal moment when the demand for tailored AI solutions is higher than ever before. 

The tool's capabilities have been met with widespread excitement and acclaim from experts in the field. Steve McDowell, a prominent technology analyst, emphasizes the significance of Dell's venture into Generative AI. He notes, "Dell's deep dive into Generative AI showcases their commitment to staying at the forefront of technological innovation."

One of the key features that sets Dell's Generative AI tool apart is its versatility. It caters to a diverse range of industries, from healthcare to finance, manufacturing to entertainment. This adaptability ensures that businesses of all sizes and sectors can harness the power of AI to meet their specific needs.

Furthermore, Dell's tool comes equipped with a user-friendly interface, making it accessible to both seasoned AI experts and those new to the field. This democratization of AI customization is a pivotal step towards creating a more inclusive and innovative technological landscape.

The enhanced hardware and software portfolio accompanying this release further cements Dell's commitment to providing comprehensive solutions. By covering an extensive range of use cases, Dell ensures that businesses can integrate AI seamlessly into their operations, regardless of their industry or specific requirements.

Technology innovator Dell has used the potential of generative AI to develop a platform that enables companies to customize models with previously unheard-of accuracy and effectiveness. This technology is released at a critical time when there is a greater-than-ever need for customized AI solutions.

The release of Dell's Generative AI tool is a significant step in the development of artificial intelligence. Its ability to fundamentally alter model customization in a variety of industries is evidence of Dell's unwavering commitment to technical advancement. With this tool, Dell is laying the groundwork for a time when everyone may access and customize AI, in addition to offering a strong solution. 

Rising Concerns as Discord.io Data Breach Compromises 760,000 Users

 

Although digital companies have multiple data protections in place to safeguard their customers' information, hackers continue to find ways to circumvent them and gain access to sensitive data. 

Data breaches have become more common in recent years, despite an increased focus on cybersecurity. Discord.io is the latest victim of such an attack. Learn about the types of data that hackers have access to as well as what steps are being taken by the company to protect this data. 

There has been a massive data breach at a popular service that allows people to create custom links for their Discord channels. The service has now announced that it will be shutting down operations for the time being. 

A major breach of Discord.io's database occurred on the night of August 14, and large swaths of user data were stolen as a result. Discord announced the breach on Tuesday. As TechRadar reported in its article about the breach, more than 760,000 members of the company had their information compromised by the breach, though the company did not reveal this number in its update.

Discord.io is a third-party service that allows users to create custom invitations to their Discord channels, which can then be shared by the channel owner with their friends and viewers. It is estimated that over 14,000 users have registered on the service's Discord server, which is where most of the community exists. 

As of yesterday, a person named 'Akhirah' has started offering the Discord.io database for sale on the newly launched Breached hacking forums. A threat actor shared four records from the database as proof that he had stolen data. The new Breached forums are being hailed as the rise of a popular cybercrime forum that used to be a place where people would sell and leak data stolen from compromised databases. 

A member's username, email address, billing address (for only a small number of people) and salted and hashed password (for only a small number of people) were among the most sensitive data compromised in the breach. 

Discord.io has officially confirmed that they were breached via a notice posted to their Discord server and website, and has initiated the process of temporarily shutting down its services as a result. As first reported by StackDiary, Discord.io has confirmed the authenticity of the breach. According to a timeline listed on the Discord.io website, the operators learned of the data breach only after seeing the post on the hacking forum. 

Immediately after the leaked data was confirmed to be authentic, they shut down their services and cancelled all memberships that had been paid for. A spokesperson for Discord.io says that the person responsible for the breach has not contacted them and has not provided them with any information regarding how the breach occurred. A spokesperson for Akhirah, the seller of the Discord.io database, told BleepingComputer that he had not been in touch with the Discord.io operators before speaking with them.

It is clear from the revealed information about the users that the attacker was able to gather all types of sensitive information from Discord.io. There was data leaked by the company that included sensitive user information, including usernames, Discord IDs, email addresses, billing addresses, salted and hashed passwords, and much other sensitive information. Because Discord.io does not store any information about its users, it cannot confirm whether or not any credit card information was compromised in the attack. 

As part of the data breach, the platform acknowledges that certain information about users, including internal user IDs, avatar details, the status of users, coin balances, API keys, registration dates, last payment dates, and membership expiration dates may have been exposed.  

Currently, Discord.io has announced that it is suspending operations indefinitely due to this attack. The service will be unavailable for the next few months while the website is rebuilt. According to the platform, the website code will be completely rewritten and a completely new security system will be implemented. 


User Data Goldmine: Google's Ambitious Mission to Scrape Everything for AI Advancement

 


It was announced over the weekend that Google had made a change to its privacy policies. This change explicitly states that the company reserves the right to scrape everything you post online to build its artificial intelligence tools. If Google can read what you have to say, you can assume that your words may end up nestled somewhere within the bowels of a chatbot. 

Google and Facebook privacy policies were quietly updated over the weekend and, likely, you didn't notice. There has been a slight change in the policy wording, but the change is significant, particularly because it is a revision.

In a recent report by Gizmodo, Google revised its privacy policy. Even though most of the policy is not particularly noteworthy, there is one section that stands out - one related to research and development - that could make a significant difference. 

The Gizmodo team has learned that Google's new privacy statement has been revised. While most of the policy is relatively unremarkable, one section in particular, the one dealing with research and development, stands out from the rest.  

For those who love history, Google has compiled a history of changes to its terms of service over the years that can be found here. According to the new language, the tech giant has written new ways in which your online musings might be used in the company's AI tools, which would not contradict the existing language in its policies. 

Google said in the past that the data would be used "for language models," rather than making "AI models," and places like Bard, Cloud AI, and Google Translate are now being mentioned, as well as the older policy that only mentioned Google Translate. 

Generally, a privacy policy does not include a clause such as this one. This type of policy describes how companies use your information when you post it on a company's service such as their website or their social media. It appears that Google has a right to harvest and harness any data posted to any part of the public web. This is as if the entire internet is the firm's playground for artificial intelligence experiments. Several requests for comment were sent to Google, but the company did not respond immediately. 

The practice raises interesting questions regarding the privacy of patients and raises new privacy concerns. Public posts are understood by the majority of people as being public. It is important to remember that what it means to write something online has changed over the years. 

The question is no longer whether a person has access to the information, but how they can use it. Your long-forgotten blog posts or even restaurant reviews from 15 years ago are very likely to have been ingested by Bard and ChatGPT. As you read this, the chatbots may be regurgitating some funny, homunculoid version of your words, in ways that are difficult to predict and comprehend. 

It seems odd for a company to add such a clause to its contract, as pointed out by this outlet. There is something peculiar about this because the way it has been worded gives the impression that the tech giant does reserve the right to harvest and use any data available on any part of the public internet at any time. There are times when a company's data usage policy only addresses how that company plans to make use of the personal information it has collected. 

The vast majority of people probably realize that whatever information they post online will be visible to the world at large, but this development opens up a whole new world of opportunities. The issue of privacy does not just extend to those who see your online posts, but to everything that is done with those posts as well. 

There used to be a reference here to "AI models" rather than "language models" before the update, and that statement has been changed. Furthermore, it mentioned the addition of Bard and Cloud AI to Google Translate, a service that has been included with Bard since then. 

In the outlet's opinion, this is an unusual clause that a business would enshrine in its policies. The writing of this statement seems odd since the way it's written implies that Apple owns the right to collect and use data from any section of the Internet that is open to the public. The purpose of a policy such as this is normally to tell the customer how its services will use the data it posts.

It is well known that anything you post online will be seen by almost everyone, but with the new developments that have come about, there is an unexpected twist: the possibility of using it. The thing you need to keep in mind is not just who can read what you write online, but also how that information will be used by the people who can read it. 

It is also possible to use real-time data-looking technology such as Bard, ChatGPT, Bing Chat, and other AI models that scrape data from the internet in real-time. Often, sources of information can be found in other people's intellectual property and come from their sources. AI tools currently being used for such activities are accused of theft, and more lawsuits are likely. 

Where data-hungry chatbots acquire their information is one of the lesser-known complications of the post-ChatGPT world. Google and OpenAI scrape the Internet to fuel their robot habits. 

There is no clear legal guidance on whether it is legal. There is no doubt that the courts will have to deal with copyright questions that seemed like science fiction a few years ago when they first came up. At the same time, there have been some surprising effects on consumers that have been caused by the phenomenon so far.    

There is some aggrievement among Twitter and Reddit overlords related to the AI issue. Both have made controversial changes to lock down their platforms going forward. Both companies changed their APIs to prevent third parties from downloading large quantities of posts for free, something they previously allowed anyone to do. There is no doubt that this change is intended to protect social media sites from being harvested by other companies looking to steal their intellectual property. However, the consequences of this decision are far more significant. 

Third-party tools that people used to access Twitter and Reddit have been broken by the API changes that Twitter and Reddit implemented. At one point, Twitter even appeared to be considering requiring public entities such as weather forecasts, transit lines, and emergency services to pay a monthly fee to use their Twitter services, but Twitter backed down after receiving a hailstorm of criticism for this plan. 

In recent years, Elon Musk has made web scraping his favorite boogieman. Musk explained a number of the recent Twitter disasters as a result of the company's need to guard against the theft of data from the site by others, even when the issues do not seem to be related. There was a problem with Twitter over the weekend when the number of tweets a user was permitted to view per day was limited, making the service almost unusable for many users. 

Musk believed rate-limiting was a necessary response to "data scraping" and "system manipulation." However, most IT experts agree that it was more likely a crisis response resulting from mismanagement or incompetence rather than an attempt to solve a problem. Despite Gizmodo's repeated requests for information on the matter, Twitter did not respond.

Hackers Threatened to Leak 80GB of Data Allegedly Stolen From Reddit in February

 


An independent cybersecurity expert and CNN reviewed a dark web post from the BlackCat ransomware gang, also known as ALPHV. The post said the group had stolen 80 gigabytes of confidential data from Reddit during a February breach and claimed to have accessed it. 

A hacker group in Russia is threatening to release Reddit data if the company doesn't pay a ransom demand - as well as reverse the controversial API pricing increases. 

According to the hackers, they demand a ransom of $4.5 million and a reversal of the API price hike from the company if it hopes to prevent the release of the stolen data. 

It appears that phishing attacks allow threat actors to gain access to the company's systems to steal internal documents, source code, employee data, and a limited amount of information about Reddit's advertising partners. 

A Reddit spokesperson confirmed that "BlackCat's claims refer to a cyber incident that Reddit confirmed on February 9 as related to BlackCat's claims". In that incident, hackers carried out a highly targeted phishing attack and accessed information about employees and internal documents. 

Information about employees and internal documents was accessed through a targeted phishing attack. It is believed that the company was unaware that the passwords or accounts of customers had been stolen. 

Reddit provided no further information regarding the attack or the culprits. Nevertheless, over the weekend, BlackCat raised the stakes in the February cyber intrusion, claiming responsibility for it. It threatened to leak the "confidential" information obtained during the attack. BlackCat has not shared any evidence of data theft by the hackers, and it's unclear exactly what type of information the hackers have stolen.  

BlackCat has threatened to leak the "confidential" data but there is no sign of what it is supposed to be. They have neither provided evidence of data theft nor evidence to back up their claim. 

CTO of Reddit Chris Slowe recently talked about a security incident that happened in February, and he posted about the incident here. Throughout the post, Slowe said that, as a result of a highly targeted and sophisticated phishing attack, the company's "systems were hacked," with hackers gaining access to "some internal documents, code, and some internal business systems." The hackers only obtained employee information, according to Slowe.

In a statement to CNN on Monday, a Reddit spokesperson confirmed that BlackCat's post refers to the incident in February. No user data was accessed, according to the spokesperson, but he refused to elaborate further on the matter. 

Several Reddit forums remained dark last Monday during the planned two-day protest. This was intended to highlight the company's plan to charge steep fees for third-party apps to access the company's platform in the future. 

There are still more than 3,500 Reddit forums unresponsive a week after the attack happened. Some experts argue that BlackCat's actual motives are questionable while some are sympathetic to the protestors' cause based on the ransom note. 

This is the second Reddit data breach in six years. This time, the attackers could access Reddit data dating back to 2007. A user's username, hashed password, email address, and the content of public posts and private messages were included in that report. 

In February, hackers reportedly stole 80GB of data from Reddit and threatened to leak it in three days. In response to the breach, Reddit acknowledged the incident and is actively investigating the matter. A ransom demand has been made by the hackers, who have warned that if they are not paid, they will release sensitive information about their victims.

As of right now, it is impossible to verify the authenticity of stolen data. There are persistent cyber threats that online platforms face daily. This incident reminds us of the importance of robust security measures against such threats. Reddit is striving to improve its privacy and security protocols, and users are advised to remain vigilant at all times.

Microsoft 365 Phishing Attacks Made Easier With 'Greatness'

 


Phishing is a method of stealing money, or your identity, by getting you to reveal personal information, such as credit card numbers, bank details, or passwords, on websites that pretend to be legitimate. Cybercriminals often pose as reputable companies, friends, or acquaintances and send fake messages with a link to a phishing website.  

By enticing people to reveal personal information like passwords and credit card numbers, phishing attacks are intended to steal sensitive data or damage it by damaging users' computers. 

Even script kiddies have constructed convincing, effective phishing attacks against businesses using a service never heard of before, called phishing-as-a-service (PhaaS). 

As many organizations around the world use the Microsoft 365 cloud-based productivity platform, it has become one of the most valuable targets for cybercriminals. These criminals use it to steal data and credentials to compromise their networks. 

In a Cisco Talos research update, researchers explained how phishing activity on the Greatness platform exploded between December 2022 and March 2023. The platform itself was launched in mid-2022. 

Since the tool was introduced in mid-2022, it has been used in attacks on several companies across a variety of industries. These industries include manufacturing, healthcare, technology, and banking. 

At this point, approximately half of those targeted are in the United States. Attacks have also been carried out around Western Europe, Australia, Brazil, Canada, and South Africa, but the majority are concentrated in the US. 

As a result of these attacks, a wide range of industries, including manufacturing, healthcare, technology, education, real estate, construction, finance, and business services, are being targeted. 

It contains everything you will ever need to conduct a successful phishing campaign if you intend to play at being a phishing actor in the future. 

Using the API key that they have acquired for the service, users get access to the 'Greatness' admin panel and provide a list of email addresses that they wish to attack. 

The PhaaS platform allocates the infrastructure needed to host the phishing pages, acting like the server that hosts them, and builds the HTML attachments. 

Afterward, the affiliate builds the content for the email and provides any other material needed, and changes any default settings if necessary. 

The process of taking on an organization is simple. A hacker simply logs into the enterprise using their API key; provides a list of target email addresses; creates the content of the email (and changes any other default details as they see fit). 

Once the victim supplies the MFA code, Greatness authenticates on the real Microsoft platform with it. This allows the affiliate to receive an authenticated session cookie through the Telegram channel provided by the service or through access to their web panel. 

As a result, many companies find that stolen credentials can also be used to breach their network security. This results in more dangerous attacks, like ransomware, being launched.

Imperva Red Team Patches a Privacy Vulnerability in TikTok


The Imperva Red Team has recently identified a vulnerability in TikTok, apparently allowing threat actors to look into users’ activities over both mobile and desktop devices.

The vulnerability, which has now been patched, was the result of a window message event handler's failure to accurately verify the message's origin, providing attackers access to users’ sensitive data.

PostMessage API 

The PostMessage API (also known as the HTML5 Web Messaging API) is a communication mechanism that permits safe cross-origin communication between several windows or iframes inside a web application. The API enables scripts from different origins to exchange messages, overcoming the restrictions imposed by the Same-Origin Policy, which normally restricts data sharing between distinct origins on the web.

The API consists of the window.postMessage() method and the message event. The postMessage() method is used to send a message from the source window to the target window or iframe, while the message event is triggered on the receiving end when a new message is received. During code analysis, the team discovered a script in TikTok's web application that seemed to be involved in user tracking. 

The Imperva report states that “the first step in discovering the vulnerability was to identify all the message event handlers in TikTok's web application. This involved a comprehensive analysis of the source code in locating instances where the PostMessage API was being used[…]Once all the message event handlers were identified, we proceeded to carefully read and understand the code for each handler. This allowed us to determine the purpose of each handler and evaluate the security implications of processing untrusted messages.” 

Exploiting the Vulnerability 

Attackers could send harmful messages to the TikTok web application through the PostMessage API by taking advantage of this vulnerability and getting around the security precautions. The malicious message would then be processed by the message event handler as if it were from a reliable source, giving the attacker access to private user data.

The vulnerability was promptly addressed after being reported to TikTok by the Imperva Red Team, and Imperva thanked TikTok for its swift action and cooperation. This disclosure should serve as a reminder of the value of adequate message origin validation and the risks of enabling interdomain communication without the necessary security precautions.  
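The origin validation discussed above, as an added example that is not TikTok's or Imperva's code: a message handler that trusts every sender, a commonly seen substring check that is still too loose, and a handler that matches the origin exactly. The origins, message shape and function names are hypothetical, and the events are constructed objects so the comparison runs outside a browser.

```javascript
// Hypothetical allowlist of origins this page is willing to talk to.
const TRUSTED_ORIGINS = new Set([
  "https://app.example.com",
  "https://embed.example.com",
]);

// Before: the handler never looks at event.origin, so any window that can
// message this page receives the user's activity. The "*" target origin
// also lets the reply go to whatever document the source window now holds.
function makeUnsafeHandler(state) {
  return function onMessage(event) {
    if (event.data && event.data.type === "get-activity") {
      event.source.postMessage({ type: "activity", items: state.activity }, "*");
    }
  };
}

// Still weak: a substring test accepts any origin that merely contains
// the trusted name.
function looseOriginCheck(origin) {
  return origin.includes("app.example.com");
}

// After: exact origin match, message shape validation, and a reply that is
// addressed only to the origin that was verified.
function makeSafeHandler(state, trusted = TRUSTED_ORIGINS) {
  return function onMessage(event) {
    if (!trusted.has(event.origin)) return;        // 1. exact allowlist match
    const msg = event.data;
    if (typeof msg !== "object" || msg === null) return; // 2. validate shape
    if (msg.type !== "get-activity") return;
    if (!event.source) return;
    event.source.postMessage(                       // 3. pinned target origin
      { type: "activity", items: state.activity },
      event.origin
    );
  };
}
// In a page: window.addEventListener("message", makeSafeHandler(state));

// Constructed stand-in for the sending window; records what it was sent.
function fakeWindow() {
  const sent = [];
  return { sent, postMessage(data, targetOrigin) { sent.push({ data, targetOrigin }); } };
}

// Constructed sample origins: one trusted, one that embeds the trusted
// name in a different host, one unrelated.
const CONSTRUCTED_ORIGINS = [
  "https://app.example.com",
  "https://app.example.com.attacker.test",
  "https://attacker.test",
];

// Sends the same request from each origin to both handlers and reports
// which ones answered.
function compareHandlers(origins) {
  const state = { activity: ["viewed:clip-1", "liked:clip-2"] };
  return origins.map((origin) => {
    const a = fakeWindow();
    const b = fakeWindow();
    const data = { type: "get-activity" };
    makeUnsafeHandler(state)({ origin, data, source: a });
    makeSafeHandler(state)({ origin, data, source: b });
    return {
      origin,
      unsafeReplied: a.sent.length === 1,
      looseCheckPasses: looseOriginCheck(origin),
      safeReplied: b.sent.length === 1,
    };
  });
}
```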

Globally, Over 4 Million Shopify Users Are at Risk

 


In a report published on Friday by CloudSEK's BeVigil, a security search engine for mobile apps, it has been found that over four million users of e-commerce apps around the world are exposed to the risk of hardcoded Shopify tokens.   

As an e-commerce platform, Shopify allows anyone to create a store that enables them to sell their products online and allows businesses to do the same. Shopify is expected to be used by more than 4.4 million websites by the end of 2023 and is located in more than 175 countries. 
 
Researchers are claiming that there is a risk that crooks will gain access to sensitive data belonging to millions of Android users with e-commerce apps. 

It was recently revealed in a CloudSEK BeVigil report that researchers discovered 21 e-commerce apps that had 22 hardcoded Shopify API keys and that these keys/tokens could potentially expose the personally identifiable information (PII) of roughly four million users to the possibility of identity theft. 

A hardcoded API key is visible to anyone with access to the code, including attackers and unauthorized users. An attacker who obtains the hardcoded key can use it to access sensitive data and perform actions on behalf of the program, even without the authorization to do so, the company said in a press release. 

Information About Credit Cards

It is estimated that at least 18 of the 22 hardcoded keys allow attackers to use them to view sensitive data that belongs to customers. The researchers explained that this is based on their findings further in their report. A second report provided by the researchers states that seven API keys enable users to view and modify gift cards. In addition, six API keys allow a threat actor to steal information about payment accounts.  

The sensitive data includes the name, email address, website address, country, complete address, phone number, and other information related to the shop owner. The keys also give access to information regarding customers' past orders and their preferences for receiving emails.  

Regarding information on payment accounts, threat actors may be able to access details about banking transactions, like credit or debit cards used by customers to make purchases. These can be obtained by obtaining the BIN numbers of credit cards, the ending numbers of the cards, the name of the company that issued the cards, the IP addresses of browsers, the names on the cards, expiration dates, and other sensitive information. 

To demonstrate their point, the researchers showed that one of the exposed API keys returned shop details on authentication. 

Researchers have also pointed out that this is not a Shopify employee error but rather a widespread issue with app developers leaking API keys and tokens to third parties.   

An e-commerce platform such as Shopify enables businesses of all sizes to easily create an online store and, in turn, sell their products online. It is estimated that there are more than four million websites with Shopify integration today, enabling both physical and digital purchases from their online shoppers.   

CloudSEK notified Shopify about its findings; however, no response has yet been received from Shopify.   
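For developers who want to check their own app for the hardcoded keys described above, here is an added example (not CloudSEK's or BeVigil's tooling) that scans source text for Shopify-style tokens before a release. It assumes the prefixed token format Shopify documents (`shpat_`, `shpca_`, `shppa_`, `shpss_` followed by 32 hex characters), which this page does not list; the file names and token values are constructed.

```javascript
// Token kinds by prefix. Assumption: Shopify's prefixed token format,
// not something stated on this page.
const TOKEN_KINDS = {
  shpat: "Admin API access token",
  shpca: "custom app access token",
  shppa: "private app password",
  shpss: "app shared secret",
};
const TOKEN_RE = /\b(shpat|shpca|shppa|shpss)_[a-fA-F0-9]{32}\b/g;

// Keep findings shareable in CI logs without re-leaking the secret.
function redact(token) {
  return token.slice(0, 10) + "..." + token.slice(-4);
}

// files: object mapping a path to that file's text.
// Returns one finding per token occurrence, in file and line order.
function scanSources(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files)) {
    text.split(/\r?\n/).forEach((line, index) => {
      for (const match of line.matchAll(TOKEN_RE)) {
        findings.push({
          path,
          line: index + 1,
          kind: TOKEN_KINDS[match[1]],
          token: redact(match[0]),
        });
      }
    });
  }
  return findings;
}

// Exit status for a build step: non-zero blocks the release.
function exitCodeFor(findings) {
  return findings.length > 0 ? 1 : 0;
}

// Constructed fake tokens, assembled at runtime so this file itself does
// not contain anything that looks like a real credential.
const FAKE_ADMIN = "shpat_" + "0a1b2c3d".repeat(4);
const FAKE_PRIVATE = "shppa_" + "f00dfeed".repeat(4);

// Constructed sample project: two Android files with hardcoded tokens and
// one server file that reads the token from the environment instead.
const SAMPLE_FILES = {
  "app/src/main/res/values/strings.xml": [
    "<resources>",
    '  <string name="app_name">Demo Shop</string>',
    `  <string name="shopify_token">${FAKE_ADMIN}</string>`,
    "</resources>",
  ].join("\n"),
  "app/src/main/java/Config.java": [
    "class Config {",
    `  static final String KEY = "${FAKE_PRIVATE}";`,
    '  static final String SHORT = "shpat_1234"; // too short to be a token',
    "}",
  ].join("\n"),
  "server/config.js": [
    "// Token stays on the server and is injected at runtime.",
    "const token = process.env.SHOPIFY_ADMIN_TOKEN;",
  ].join("\n"),
};
```

A finding means the key ships inside the app package; moving it to a server-side component and rotating the exposed key is the fix, not obfuscating the string.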

Can Twitter Fix its Bot Crisis with an API Paywall?

 


A newly updated Twitter policy relating to the application programming interface (API) has just been implemented, according to researchers - and the changes will have a profound impact on social media bots, both positive (RSS integration, for example) and negative (political influencer campaigns), respectively. 

A tweet from the Twitter development team announced that starting February 9, the API would no longer be accessible for free. After some negative publicity, Elon Musk stepped in personally to amend the original terms of service - Twitter is to continue to provide bots with a light, write-only API that allows them to produce high-quality content for free. 

In a computer program, APIs are used to enable different parts of the program to communicate with each other. An API provides an interface for two software programs to interact with one another. This is the same way that your computer provides an interface so that you can easily interact with all of its many complex functions. Enterprises, educational institutions, or bot developers who want to develop applications on Twitter are most likely to need the API for management and analytics. 

Whether you choose a limited or subscription model, we are at risk of displacing smaller, less well-funded developers and academics who have utilized free access to develop bots, applications, and research that provide real value for users. 

It is also pertinent to note that Twitter has been targeted by malicious bots since the start of time. The use of these social media platforms is on the increase by hackers spreading scams and by evil regimes spreading fake news, and that's without mentioning the smaller-scale factors that affect influencer culture, marketing, and general trolling, which are widespread as well. 

What are the pros and cons of using a paid API to solve Twitter's influence campaigns and bot-driven problems? Several experts believe the new move is just a smokescreen to cover up the real problem. 

Bad bots on Twitter 


According to a report published by the National Bureau of Economic Research in Cambridge, Mass., in May 2018, social media bots play a significant role in shaping public opinion, particularly at the local level. It was found that Twitter bots had been greatly influenced by the US presidential election and the UK vote on leaving the European Union. This was during the 2016 elections. Based on the data, it appears that the aggressive use of Twitter bots, along with the fragmentation of social media and the influence of sentiment, may all be factors that contributed to the outcome of the votes. 

In the UK, the increasing volume of automated pro-leave tweets may explain 1.76 percentage points of the actual pro-leave vote share. In the US, 3.23 percentage points of the actual vote could be explained by the influence of bots. 

During that election, three critical swing states - Pennsylvania, Wisconsin, and Michigan - with a combined number of electoral votes that could have made the difference between victory and defeat, were won by a mere fraction of a percent.   

Often, bots do not sway world history at all; they are simply a useful tool for hackers committing cybercrime at scale. Cyber criminals have been observed using Twitter bots to distribute spam and malicious links on Twitter, as well as to amplify their content and profiles on the site. 

David Maynor, director of the Cybrary Threat Intelligence Team and chief technology officer for Dark Reading, explains in an interview that bots are an incredibly huge problem for the Internet. Some random objects taunt people so much that victims would spend hours or days trying to prove that they were wrong. That would be the real world. Bots also give astroturf efforts a veneer of legitimacy they do not deserve.

Astroturfing is a type of marketing strategy designed to create an impression that a product or service has been chosen by the general public in a way that appears to be an independent assessment without actually being so (hiding sponsorship information, for instance, or presenting "reviews" as objective third-party assessments). 

Are Twitter's motives hidden? 


According to some people, Twitter's real motive behind placing its API behind a paywall has nothing to do with security, and instead, it could be something else entirely. The question is then, would a basic subscription plan be strong enough to guard against a cybercrime group, or indeed a lone scammer, who might be targeting your account? One of the most active operators of social media influence campaigns in the world is certainly not the Russian government. 

There are many mobile app security platforms and cloud-based solutions that can be used to eliminate bot traffic from mobile apps easily, and Elon Musk is well aware of these technologies. Ted Miracco, CEO at Approov, says: "Bot traffic could be largely eliminated overnight if the proper technologies are implemented."

Several methods and tools exist to help social media sites (and the owners and administrators of all types of websites) snuff out botnets. It is important to keep in mind that bots tend to behave predictably. They, for example, post regularly and only in certain ways. There are specialized tools that can help you identify entire networks of bots: starting from just a few suspect accounts, these tools can help reveal the rest of the network.
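The two signals described above, clockwork posting and expanding from a few suspect accounts, can be sketched as follows. This is an added illustration, not code from any tool the article mentions; the timelines are constructed sample data, and the thresholds (`max_cv`, `min_shared`) and function names are assumptions.

```python
from collections import deque
from statistics import mean, pstdev

# Constructed sample timelines: account -> [(unix_time, text), ...]
SPAM = ["Win a prize at example.test/a", "Claim now example.test/b",
        "Last chance example.test/c", "Free gift example.test/d"]
TIMELINES = {
    "bot_a": [(1000 + 600 * i, SPAM[i % 3]) for i in range(6)],
    "bot_b": [(1300 + 900 * i, SPAM[i % 4]) for i in range(6)],
    # bot_c posts at irregular times but reuses the same texts
    "bot_c": list(zip((5000, 5300, 9000, 9100, 20000, 26000),
                      [SPAM[2 + i % 2] for i in range(6)])),
    "human": [(t, f"note {t}") for t in (1000, 1420, 9100, 9160, 30500, 61000)],
}

def cadence_cv(posts):
    """Coefficient of variation of gaps between posts; near 0 means clockwork."""
    times = sorted(t for t, _ in posts)
    gaps = [b - a for a, b in zip(times, times[1:])]
    if len(gaps) < 3 or mean(gaps) == 0:
        return None  # too little data to judge
    return pstdev(gaps) / mean(gaps)

def regular_posters(timelines, max_cv=0.1):
    """Accounts whose posting rhythm is suspiciously uniform."""
    flagged = set()
    for name, posts in timelines.items():
        cv = cadence_cv(posts)
        if cv is not None and cv <= max_cv:
            flagged.add(name)
    return flagged

def expand_from_seeds(timelines, seeds, min_shared=2):
    """Breadth-first walk linking accounts that share >= min_shared identical texts."""
    texts = {n: {txt.lower().strip() for _, txt in p} for n, p in timelines.items()}
    found, queue = set(seeds), deque(seeds)
    while queue:
        current = queue.popleft()
        for other in texts:
            if other not in found and len(texts[current] & texts[other]) >= min_shared:
                found.add(other)
                queue.append(other)
    return found

if __name__ == "__main__":
    print("regular cadence:", sorted(regular_posters(TIMELINES)))
    print("network from bot_a:", sorted(expand_from_seeds(TIMELINES, {"bot_a"})))
```

In the sample data, `bot_c` escapes the cadence check but is still reached through the content it shares with `bot_b`, which is why the two signals are combined.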

There is a theory that naming and shaming may well be critically significant in diagnosing and detecting malicious automated tweets: This might not be popular, but it is the only way to stop bots and information operations. People and organizations must be tied to real-life accounts and organizations.

In this regard, Livnek adds, "Whilst this raises concerns about privacy and misuse of data, remember that these platforms are already mining all of the available data on the platforms to increase user engagement. Tying accounts to real-world identities wouldn't affect the platforms' data harvesting, but would instead enable them to stamp out bots and [astroturfing]."

It seems a bit extreme to remove free API access before we have exhausted all feasible security measures that might have been available to us. 

As Miracco argues, the reason for this is an open secret in Silicon Valley - it is basically the elephant in the room. According to Miracco, social media companies increasingly like their bots because of the revenue the bots generate for them.

Twitter makes money by selling advertisements and this is the basis of its business model. As a result, bots are viewed by advertisers as users, i.e. they generate revenue in the same way as users do. There is more money to be made when there are more bots. 

Tesla CEO Elon Musk threatened to pull out of his plan to buy Twitter in January, reportedly as a result of the revelation that a large portion of Twitter's alleged users are actually bots or other automated programs. As he transitioned from being an interested party to becoming the outright owner of the company, his mood may have changed. The Miracco Group's CEO predicts that "revealing the problem now will result in a precipitous fall in traffic, so revenue must be discovered along the way to maintain the company's relevance along the path to reduced traffic, which was the motivation behind the API paywall." His explanation is straightforward: the paywall is ostensibly used to stop bots, but the truth is that it is being used to drive revenue.

The paywall has only just been implemented. Whether it will solve Twitter's bot problem by itself, or only line Musk's pockets, only time will tell.

Despite a request from reporters for comment, Twitter did not respond immediately to the query.