Dismiss this notice
Panda Dome Complete MakeUSLaugh Mother's Day 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=6837

Dismiss this notice
Iobit Driver Booster 6 Professional Mother's Day 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=6777

Dismiss this notice
Advanced SystemCare 12 Professional Mother's Day 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=6776


Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Billions of Malicious Bots Take to Cipher-Stunting to Hide
#1
Quote:Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting.
 
When it comes to cyberattacks, adversaries are focusing not just on advanced malware development, but also on increasing the sophistication of their evasion techniques. This is playing out lately in the form of ballooning instances of “cipher stunting” – a TLS tampering technique that helps malicious bot activity masquerade as live human traffic on the web.
 
The idea is to avoid the web client fingerprinting technologies that help security tools and human analysts to differentiate between legitimate clients and impersonators/bots. The latter are often used in credential-stuffing attacks on login pages, for committing ad fraud, automated vulnerability scanning, credential-scraping and more.
 
Website traffic is usually carried out via HTTPS or HTTP over SSL/TLS, the most common encrypted network traffic protocols. Fingerprinting generally maps SSL/TLS handshakes and the information provided during those handshakes by the client, which is presented in the form of a “ClientHello” message. This contains the protocol version, a list of supported cipher suites used and other data. By building a real-time snapshot of the user-agent (client) that’s connecting to a website, defense mechanisms are able to evaluate that user-agent in order to spot suspicious bot activity.

SOURCE: https://threatpost.com/billions-bots-cip...ng/144763/
[-] The following 1 user Likes silversurfer's post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Latest Threads
Brave Browser Updates
Last Post: silversurfer
Yesterday 20:42
» Replies: 21
» Views: 770
Google Chrome Updates
Last Post: silversurfer
Yesterday 20:39
» Replies: 13
» Views: 529
Magecart Skimmer Poses as Payment Servic...
Last Post: silversurfer
Yesterday 18:50
» Replies: 0
» Views: 23
Attackers Could Use Mobile Device Sensor...
Last Post: silversurfer
Yesterday 18:47
» Replies: 0
» Views: 22
RogueKiller 13.2.1
Last Post: harlan4096
Yesterday 15:49
» Replies: 0
» Views: 26
Mozilla Firefox
Last Post: harlan4096
Yesterday 15:47
» Replies: 25
» Views: 2017
Tor Browser 8.0.2
Last Post: harlan4096
Yesterday 15:45
» Replies: 8
» Views: 232
K-Lite Codec Pack 14.5.0
Last Post: harlan4096
Yesterday 15:43
» Replies: 18
» Views: 514
LibreOffice 6.1.2
Last Post: harlan4096
Yesterday 15:41
» Replies: 6
» Views: 254
AV-Comparatives: Business Security Test ...
Last Post: harlan4096
Yesterday 15:39
» Replies: 0
» Views: 32
Avast! 19.5.4444
Last Post: harlan4096
Yesterday 15:36
» Replies: 0
» Views: 25
MRG Effitas: 360 Degree Assessment & Cer...
Last Post: harlan4096
Yesterday 15:31
» Replies: 0
» Views: 28
Researcher Drops Windows 10 Zero-Day Exp...
Last Post: silversurfer
Yesterday 12:21
» Replies: 0
» Views: 39
Google Warns G Suite Customers of Passwo...
Last Post: silversurfer
Yesterday 12:16
» Replies: 0
» Views: 31
Media Creation Tool for Windows 10 May 2...
Last Post: silversurfer
Yesterday 12:10
» Replies: 0
» Views: 28
Microsoft Confirms New Issues in Windows...
Last Post: silversurfer
Yesterday 12:05
» Replies: 0
» Views: 29
Apple Announces World's First 8-Core Mac...
Last Post: silversurfer
21 May 19 20:35
» Replies: 0
» Views: 43
Microsoft Redesigns Outlook Notification...
Last Post: silversurfer
21 May 19 20:33
» Replies: 0
» Views: 48
Chromium-Based Microsoft Edge Preview fo...
Last Post: silversurfer
21 May 19 20:29
» Replies: 0
» Views: 40
Mozilla Firefox 67 Now Available for Dow...
Last Post: silversurfer
21 May 19 20:27
» Replies: 0
» Views: 36

[-]
Staffs Online
There are no staff members currently online.