this post was submitted on 24 Sep 2024
3 points (71.4% liked)

Pulse of Truth

493 readers
135 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
krogoth@infosec.pub
3
65% of websites are unprotected against simple bot attacks (www.helpnetsecurity.com)
submitted 1 month ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
2 comments fedilink hide all child comments
 

Companies across industries are seeing more bot-driven attacks, both basic and advanced, according to DataDome. An analysis of over 14,000 websites uncovered alarming gaps in protection against cyber fraud, particularly within consumer-centric industries. E-commerce and luxury industries are prime targets for cybercriminals More than 65% of websites are unprotected against simple bot attacks, and 95% of advanced bot attacks go undetected on websites. Consumer-centric and digital native industries are prime targets for cybercriminals and have … More → The post 65% of websites are unprotected against simple bot attacks appeared first on Help Net Security.

top 2 comments
sorted by: hot top controversial new old
[–] Limonene@lemmy.world 4 points 1 month ago

"According to DataDome". A company who sells that as a service.

More likely, they just don't have any obvious protections that DataDome's lazy engineers could identify. They probably just checked IP ranges to see if the services were proxied by DataDome, Cloudflare, or another such service.

I don't trust anything DataDome says, because they are a known shitty service. They will arbitrarily block users, intercepting their requests to show a captcha page. Then, after the user correctly solves the captcha, they are directed to a page which reads simply "You have been blocked." There is a fake contact form at the bottom of the page, which submits appeals into a black hole.

Here's an example of the block page. This user is connecting from a proxy, so the block is expected, but DataDome is known to block residential IP addresses arbitrarily.

[–] XTL@sopuli.xyz 2 points 1 month ago

Given the rates with which bots scan things, that number seems pretty ridiculous, especially coming from a bot scan company.

Not that it isn't a big number, though. And new holes come up regularly.