Tag: Threats

Overall Scanning Traffic Changes Lest the downward trend shown in Figure 2 makes it seem like overall scanning traffic may be abating, it’s important to note that the volume of scanning we observed has remained relatively constant, at least over the last three months, increasing by approximately 5.1% from August to September, then falling approximately…

Read More

In part two of this multi-part series on fake account creation bots, we look at why automation is used to create fake accounts and how they impact businesses. What is a Fake Account Creation Bot? A fake account creation bot is an automated computer program designed to create large numbers of fake accounts inside online…

Read More

In Part One of this series, we introduced fake account creation bots and why people create fake accounts, and in Part Two we covered why automation is used to create fake accounts and how fake accounts negatively impact businesses. In this article, we are going to focus on how to identify fake bot accounts. We…

Read More

Common Non-CVE Traffic It may be easy to conclude from the above figures that even though overall traffic has held steady, CVE exploitation attempts, at least for the CVEs and vulnerabilities we track, has decreased. That’s true, but there is a great deal of traffic that our sensor network sees that is not reflected in…

Read More

Introduction Black Friday is a popular shopping event throughout the United States of America and around the world. During Thanksgiving weekend and Cyber Monday (the Monday after Thanksgiving), thousands of companies offer steep product discounts that are not available at any other time, and consumers rush to buy these items while they are available. This…

Read More

Zooming Out to Look at 2023 One of the questions we frequently get asked about this data is about attribution, that is, who is doing the scanning. This is a difficult question, because it is quite well understood that many threat actors take great pains to do at least a bit of obfuscation of their…

Read More

Introduction This is the fourth article in our series on fake account creation bots. The previous articles have introduced these bots, described how they work. and discussed the motivations behind their use. We also covered the negative impact that fake account creation bots have on different kinds of businesses and why business and security leaders…

Read More

This view is also notable since it is the first time we’re seeing any of these newly added, high-profile CVEs show up. Second row, far right is CVE-2014-6271, an OS command injection vulnerability more commonly known as Shellshock/Bashdoor. Shellshock shows more targeting variability from month to month than most CVEs (not including CVE-2020-11625, which has…

Read More

Introduction Over the past few months, F5 Labs has presented a series of articles on fake account creation. We’ve covered why fraudsters create fake accounts and how automation is used to create fake accounts at scale. These articles have described how these fake accounts can negatively impact businesses, but also how security professionals identify fake accounts and leverage security controls to stop bots running fake…

Read More

After analyzing traffic from 159 bot defense customers, this review found that in the absence of a bot defense solution, Mobile APIs experience significantly more automation than Web applications. However, once a bot defense solution is deployed in mitigation/blocking mode, we see a reversal, with Web having higher levels of persistent attacks despite consistent mitigation.…

Read More