Aggregator
Security Alert: Fake Accounts Threaten Black Friday Gaming Sales
As Black Friday 2024 nears, online retailers are preparing for a surge in demand, particularly for deals, discounts, and bundles on popular gaming consoles like the PS5, Xbox, and Nintendo Switch, along with their accessories.
However, this excitement also attracts sophisticated fraudsters who use bots to capitalize on the limited availability of these consoles and other sought-after items.
Bot operators and scalpers have refined their tactics, leveraging fake account creation as a primary tool to bypass purchase limits. By deploying bots at scale, they quickly create multiple accounts to snatch up inventory, preventing genuine customers from securing these high-demand products. These accounts can then purchase consoles in bulk, with scalpers profiting by reselling them at inflated prices on secondary markets.
DataDome’s recent analysis underscores the growing threat posed by bots, revealing that many online retailers are not sufficiently prepared for these attacks. Without proper bot protection, e-commerce platforms risk losing control over inventory and revenue, while consumer trust and brand reputation suffer in the process.
For retailers, proactive bot protection is essential to ensure gaming enthusiasts, rather than bot-driven scalpers, can access consoles this Black Friday.
Security Assessment of E-Commerce Sites
Using open-source bot frameworks with minimal configuration, DataDome tested 14 major e-commerce websites in the US, UK, and EU to assess their readiness against bot attacks.
Key findings:
- 100% of Tested Sites Allow Fake Account Creation
  - Nearly one-third of the tested sites allowed bots to create an account without advanced techniques.
  - Almost three-fourths allowed bots to create an account using advanced techniques like CAPTCHA solving or MFA handling.
  - This indicates a serious gap in preventing mass account creation, a tactic commonly used by fraudsters to circumvent purchase limits.
- Most Lack Basic Security Measures
  - Most (57.2%) of the websites did not deploy a CAPTCHA challenge to protect the registration process.
  - 64% of the websites failed to validate provided email addresses, allowing account creation using disposable emails, alias tricks, and dot techniques. These loopholes are easily exploited by bots to create multiple accounts.
- Weak Authentication Practices
  - Half of the websites allowed a bot to log in to an account without advanced techniques.
  - 35.7% of the websites allowed a bot to log in to an account with advanced techniques like CAPTCHA solving or MFA handling.
  - Even those that implemented MFA could be bypassed using common tactics like rented phone numbers or SMTP access.
- Credential Stuffing: Attackers use bots to attempt stolen username and password combinations across multiple sites, aiming to steal personal data, loyalty points, or unused credit.
- Mass Fake Account Creation: Attackers use bots to create thousands of fake accounts, enabling them to place large orders under different identities. Even if retailers implement stricter controls later, these accounts can be reused in future attacks.
- Reputation Damage and Loss of Customer Trust: Security breaches can lead to significant reputational damage, potentially eroding customer trust.
- Financial Implications: The financial losses from fraudulent activities and chargebacks could be substantial for retailers.
To mitigate these risks, retailers can take steps to enhance their security posture:
- Enhanced Authentication: Deploy multi-factor authentication across all critical user interactions, including account creation, logins and transactions, to add a layer of protection against unauthorized access.
- Email Validation: Validate email addresses at account creation to prevent disposable email services and alias tricks. Implementing email verification processes like “verify your email” steps will help reduce fake account creation.
- Advanced Bot Protection: Employ sophisticated bot management solutions that provide real-time detection and mitigation of automated threats. In particular, the bot protection must be resilient against sophisticated attackers capable of passing CAPTCHAs using CAPTCHA farms, be able to detect attacks started from thousands of IP addresses using proxies, and be able to detect bots that mimic human-like behavior.
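The email-validation recommendation above targets two of the loopholes the assessment found: disposable domains and alias or dot variants of a single mailbox. The following is an added example (not DataDome's code or part of the original post) showing how a registration service can canonicalize addresses so those variants collapse to one key, and then flag sign-up batches that reuse one mailbox or a disposable domain. The disposable-domain list, the set of dot-insensitive providers, and the sample sign-ups are constructed for illustration; a real deployment would use a maintained domain feed.

```python
import re
from collections import defaultdict
from typing import Dict, List, Optional

# Constructed sample list for this example. Production systems consume a
# maintained disposable-domain feed rather than a hard-coded set.
DISPOSABLE_DOMAINS = {"mailinator.com", "tempmail.example", "10minutemail.example"}

# Providers that ignore dots in the local part (Gmail does; most others do not,
# so dots are preserved for every domain outside this set).
DOT_INSENSITIVE_DOMAINS = {"gmail.com"}

# Domain aliases that deliver to the same mailbox.
DOMAIN_ALIASES = {"googlemail.com": "gmail.com"}

# Deliberately loose syntax check; deliverability is confirmed by the
# "verify your email" step, not by this regex.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def normalize_email(address: str) -> Optional[str]:
    """Return a canonical key for the mailbox behind `address`, or None if
    the address is malformed. Variants created with '+tag' sub-addressing,
    dot insertion (on dot-insensitive providers) and domain aliases all map
    to the same key."""
    addr = address.strip().lower()
    if not EMAIL_RE.match(addr):
        return None
    local, domain = addr.rsplit("@", 1)
    domain = DOMAIN_ALIASES.get(domain, domain)
    # Drop the sub-address tag: user+ps5deal@example.com -> user@example.com
    local = local.split("+", 1)[0]
    if domain in DOT_INSENSITIVE_DOMAINS:
        local = local.replace(".", "")
    if not local:
        return None
    return f"{local}@{domain}"


def is_disposable(address: str) -> bool:
    """True if the canonical domain is on the disposable list."""
    key = normalize_email(address)
    return key is not None and key.rsplit("@", 1)[1] in DISPOSABLE_DOMAINS


def group_registrations(addresses: List[str]) -> Dict[str, List[str]]:
    """Map each canonical key to the raw addresses that collapse onto it."""
    groups: Dict[str, List[str]] = defaultdict(list)
    for raw in addresses:
        key = normalize_email(raw)
        if key is not None:
            groups[key].append(raw)
    return dict(groups)


def flag_suspicious(addresses: List[str], threshold: int = 3) -> Dict[str, List[str]]:
    """Return canonical keys that either appear `threshold` or more times in
    disguised form or belong to a disposable domain, with the reasons."""
    flagged: Dict[str, List[str]] = {}
    for key, variants in group_registrations(addresses).items():
        reasons = []
        if len(variants) >= threshold:
            reasons.append(f"{len(variants)} sign-ups resolve to one mailbox")
        if key.rsplit("@", 1)[1] in DISPOSABLE_DOMAINS:
            reasons.append("disposable email domain")
        if reasons:
            flagged[key] = reasons
    return flagged


# Constructed sample of one day's registrations: three disguised copies of a
# single Gmail mailbox, one disposable address, one ordinary customer.
SAMPLE_SIGNUPS = [
    "j.doe@gmail.com",
    "jdoe+console@gmail.com",
    "J.D.O.E@googlemail.com",
    "buyer42@mailinator.com",
    "alice@example.com",
]

if __name__ == "__main__":
    for key, reasons in flag_suspicious(SAMPLE_SIGNUPS).items():
        print(key, "->", "; ".join(reasons))
```

Canonicalization is a heuristic: only providers known to ignore dots should be treated that way, since dot-collapsing for an ordinary domain would merge two distinct mailboxes. The key is best used as a uniqueness constraint on the accounts table in addition to the raw address, with the "verify your email" step still required before the account can place orders.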
To enhance their attacks, fraudsters often modify open-source bot frameworks to bypass detection. These modifications make bots harder to detect by traditional methods. Our tests, using minimal modifications, were able to bypass most bot protection systems—highlighting the potential scale of damage a more resourceful attacker could cause.
As bot operators share methods and techniques in underground forums, their attacks will continue to grow in sophistication, outpacing the detection capabilities of websites using basic bot protection solutions.
Retailers must prioritize bot protection to safeguard their businesses and customers during high-traffic events like Black Friday. Bots will target popular, limited-edition products, causing inventory shortages and frustrated customers. By deploying real-time bot detection and comprehensive fraud prevention, businesses can maintain control over their inventory and protect their bottom line.
The post Security Alert: Fake Accounts Threaten Black Friday Gaming Sales appeared first on Security Boulevard.
Termite
How Veriti Evolves Vulnerability Management Into Exposure Management which we believe aligns with the Gartner® approach
Effective vulnerability management has moved from a reactive process to a proactive, strategic imperative. Gartner 2024 report, How to Grow Vulnerability Management Into Exposure Management, says “Creating prioritized lists of security vulnerabilities isn’t enough to cover all exposures or find actionable solutions. Security operations managers should go beyond vulnerability management and build a continuous threat […]
The post How Veriti Evolves Vulnerability Management Into Exposure Management which we believe aligns with the Gartner® approach appeared first on VERITI.
The post How Veriti Evolves Vulnerability Management Into Exposure Management which we believe aligns with the Gartner® approach appeared first on Security Boulevard.
Cloud Pentesting 101: What to Expect from a Cloud Penetration Test
Hold on, let’s guess. You’ve moved a ton of your business to the cloud – storage, applications, the whole nine yards. Cloud computing offers flexibility, scalability, and a bunch of...
The post Cloud Pentesting 101: What to Expect from a Cloud Penetration Test appeared first on Strobes Security.
The post Cloud Pentesting 101: What to Expect from a Cloud Penetration Test appeared first on Security Boulevard.
CVE-2024-52318 | Apache Tomcat up to 9.0.96/10.1.31/11.0.0 Object (Nessus ID 211519)
CVE-2024-52317 | Apache Tomcat up to 9.0.95/10.1.30/11.0.0-M26 HTTP/2 Request (Nessus ID 211506)
CVE-2024-11319 | Django CMS up to 3.11.7/3.11.8/4.1.2/4.1.3 cross site scripting
Positive Technologies found 0-day vulnerabilities in VINTEO
CVE-2024-11023 | Firebase JavaScript SDK up to 10.8.x Cookie _authTokenSyncURL cross site scripting
CVE-2024-52316 | Apache Tomcat up to 9.0.95/10.1.30/11.0.0-M26 ServerAuthContext Component error condition (Nessus ID 211506)
APT73
DataCon2024 | Halfway through the competition, latest rankings for the five tracks announced
Microsoft 365 Admin portal abused to send sextortion emails
Unlocking Cybersecurity Talent: The Power of Apprenticeships
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability
- CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
- CVE-2024-9474 Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek related to CVE-2024-0012, the Palo Alto Security Bulletin for CVE-2024-0012, and the Palo Alto Security Bulletin for CVE-2024-9474 for additional information.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.