Tag: Combats | SpinSafe

Largest navigation device maker combats bots with Cequence’s API Spartan

March 13, 2024/in Internet Security

The world’s largest navigation device manufacturer has opted to secure its eCommerce experience and combat bot attacks with the bot detection and mitigation solution API Spartan, created by Cequence and part of the overarching Unified API Protection platform.

This decision was made in response to significant financial risks exposed by bot attacks. The company encountered approximately 100 million SSO login requests monthly, with 15 to 20 percent of these identified as malicious. They also revealed that account takeovers could result in costs ranging from $50 (40) to $12,000 (9,500) each. If left unchecked, these costs could culminate in billions potentially lost, spelling out disaster for the business.

Previously, the company had struggled with substandard bot protection from another internet security provider, who used rudimentary techniques reliant on identifying bad IP addresses. However, this method proved insufficient in detecting advanced malicious bots given its lack of behavioural analysis, leading to unresolved bot attacks and difficulties in ensuring business continuity and customer experience.

In searching for a more proactive solution to this predicament, the company turned to Cequence’s API Spartan. Cequence’s capabilities to discern genuine users from bots in real-time and adapt to evolving bot tactics appealed to the company, offering a reliable and future-proof answer to their bot issue.

“Bots aren’t just a technical nuisance; they’re customer experience assassins,” stated Ameya Talwalkar, CEO of Cequence. “Imagine loyal customers, eager to purchase your products, locked out by an army of automated bad actors. The frustration, lost sales, and reputational damage are a nightmare scenario no business can afford. That’s why Cequence is dedicated to providing solutions that go beyond simple bot detection. We empower companies to proactively safeguard their legitimate customers and foster a thriving online environment where trust and genuine interactions flourish.”

The OWASP API Security Top 10 highlights the vulnerability of poorly secured APIs to automated bot attacks, blurring the line between traditional API and bot attacks with unified security solutions…

Source…

Gov. Walz Combats False Reports That He Spent Thanksgiving Weekend In Florida, Has $400M Net Worth – WCCO

November 30, 2020/in Computer Security

MINNEAPOLIS (WCCO) — After a long weekend in which Gov. Tim Walz begged Minnesotans not to travel, some may have been surprised by some online reports.

Social media was filled with news that while protestors demonstrated against restrictions this weekend at his residence, Walz was vacationing in Florida.

Another widely-shared story is that Walz, who talks often of his and his wife’s careers as public school teachers, is suddenly a wealthy man, worth $400 million.

Walz says both the trip and his alleged wealth are definitely not true.

“I have not left the state since March, since [the pandemic] happened,” Walz said. “The thing I most worry about though is if you are willing to believe those types of things without any proof, you’re probably not going to listen to me when I tell you to wear a mask.”

The governor’s staff at first brushed off the comments, but then the volume increased, and the public began calling the governor’s office to complain about the imaginary Florida trip.

Mark Lanterman, a former cyber security investigator for the United States Secret Service, now runs the cybersecurity firm Computer Forensics Services.

“We need to remember that just because it’s on the internet doesn’t mean it’s true,” Lanterman said.

He says it’s important to remember websites, like the one that’s disseminating false information about Walz’s net worth, may also be making money.

“Many organizations with web pages get paid based on the number of clicks that are driven to their webpage, whether that’s a quarter cent or half a cent, it all depends,” Lanterman said.

The governor and Minnesota Department of Health Commissioner Jan Malcolm say this latest spread of fake news, like the virus, is weaving its way into people lives, creating an alternate reality that can also be deadly.

“It’s deeper than that because it goes to undermining the policies,” Walz said.

“People saying, ‘Well don’t bother to get tested because the state is cooking the numbers,’” Malcolm said. “That’s horribly dangerous.”

The governor’s office says they do not know where, or who, originated the reports. Lanterman says the origin of internet fake news stories…

Source…

Learn how Starbucks combats credential stuffing & account takeover (ATO)

February 6, 2019/in Computer Security

Graham Cluley Security News is sponsored this week by the folks at Shape Security. Thanks to the great team there for their support!

“These are not kids in mom’s basement attacking us.”

Nearly five million people around the globe buy Starbucks coffee from their mobile app every single day. Forty percent of those purchases are paid using Starbucks’ gift card/stored value system, making the app a ripe target for account takeover (ATO).

Starbucks was one of the first enterprises to identify the growing threat of credential stuffing and mass ATO attacks. The security team tried using WAFs and CDN-provided bot solutions, but found those methods were no match for ever-evolving attackers.

Watch Shape’s discussion with Starbucks to learn how the two companies partnered to help combat ATO and hear answers to questions including:

How have attackers evolved at Starbucks over the past three years?
How can we leverage a collective defense to turn the tide on attackers?
How does Starbucks balance security with user friction?

Shape Security is defining a new future in which excellent cybersecurity not only stops attackers, but also reduces friction for good customers. Shape disrupts the economics of cybercrime by making it too expensive for attackers to commit online fraud, while also enabling enterprises to more easily transact with genuine customers.

The Shape platform, covered by 55 patents, stops the most dangerous application attacks enabled by bots and cybercriminal tools, including credential stuffing (account takeover), fake account creation, and unauthorized aggregation.

If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

Graham Cluley

Commtouch’s New Mobile Security For Android Combats Fast-Growing Number … – Dark Reading

January 16, 2013/in Mobile Security

Commtouch's New Mobile Security For Android Combats Fast-Growing Number …
Dark Reading
The Mobile Security service and its client-based SDK use very little memory, bandwidth and battery time, leveraging the threat detection power of Commtouch's global cloud infrastructure instead of client-side resources. The SDK supports partner …

and more »

“mobile security” – read more

Tag Archive for: Combats