DDoS-as-a-Service: The Rebirth Botnet

In March 2024, the Sysdig Threat Research Team (TRT) began observing attacks against one of our Hadoop honeypot services from the domain “rebirthltdio). The threat actors operating the botnet are financially motivated and advertise their service primarily to the video gaming community, although there is no evidence that this botnet is not being purchased beyond gaming-related purposes, and organizations may still be at risk of falling victim to these botnets' attacks.

What is Defensive AI and Why is it Essential in Bot Protection?

The definition of Artificial Intelligence (AI) has been thrown around whilst it has risen to the top of the tech agenda over the past couple of years. Security professionals have determined AI to be a risk to businesses, and also an opportunity. But could it also be a way to better defend your network against attacks? For many years, AI and Machine Learning have gone hand in hand, with AI used to better determine defensive decisions and cut down on the human element in more basic functions.

AI-driven cyber attacks to be the norm within a year, say security leaders

New research from Netacea reveals 93% of security leaders expect to face daily AI-driven attacks by the end of this year. Ransomware and phishing attacks are expected to be enhanced by offensive AI, but bots remain an underestimated threat. All respondents are benefiting from AI in their security stack, but adoption of bot management is lagging behind.

RUBYCARP: A Detailed Analysis of a Sophisticated Decade-Old Botnet Group

The Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we are calling RUBYCARP. Evidence suggests that this threat actor has been active for at least 10 years. Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks.

SEO Poisoning Part 2: How Bots Fuel SEO Poisoning Attacks

In our last blog post, we unpacked what SEO poisoning is and how it diverts organic search traffic. We examined some prevalent rank theft techniques used in SEO poisoning attacks. In this follow-up, we will dive into how automation can be used to further SEO poisoning and ranking theft attacks. With bots, adversaries can execute coordinated ranking theft at a speed and scale not possible manually.

Why Your Current Anti-Bot System Might be Failing

Anti-bot solutions have been around for a long time. Firewalls and WAFs are used by all kinds of businesses to protect their online assets from malicious bots. But as bots become more sophisticated and bot traffic volumes increase, many of these measures have become outdated and ineffective. If your anti-bot system isn’t performing, it could open your site to serious data breaches and other threats like credential stuffing attacks and online fraud.

Calculating the ROI of Effective Bot Management

Bots cost the average business 4.3% of online revenues every year – or $85 million for the typical enterprise – so it’s critical that businesses invest in finding the right bot protection solution. If you’re coming up against resistance within your business when seeking to procure or upgrade your bot protection capabilities, this post will give you plenty of ideas for proving why better bot management is essential – in ways that matter to everyone in your organization.

SEO Poisoning Part 1: Understanding SEO Poisoning and Its Impact

Search engine optimisation (SEO) is a crucial marketing tool for driving organic traffic to websites. It works on a simple premise: users trust that top search results are the most relevant to their needs. In general, we will feel much more confident digesting content or buying products or services from top search engine results.