Insecure APIs and Bot Attacks Cost Global Firms $186bn
Thales claims API insecurity and automated bot abuse is costing organizations an estimated $186bn annually
Abuse covers the misuse of accounts, services, and systems for fraud, intrusion, harassment, or other harmful cyber activity.
Search across headline titles and summaries.
Background for this topic.
Abuse in cybersecurity means using systems, networks, or services in unauthorized or harmful ways, such as sending spam, hijacking accounts, or launching Distributed Denial of Service (DDoS) attacks. It often exploits weak authentication, misconfigurations, or gaps in policies to gain access or disrupt services. Common abuse techniques include credential stuffing, phishing, and using compromised infrastructure to amplify attacks.
Managing abuse is critical because it can degrade service availability, expose sensitive data, and damage organizational reputation. Security teams focus on detecting unusual activity patterns, enforcing multi-factor authentication, and applying rate limits to reduce automated abuse. Timely abuse reporting and automated detection tools help identify and block malicious behavior, making abuse mitigation a key part of maintaining secure and reliable systems.
Thales claims API insecurity and automated bot abuse is costing organizations an estimated $186bn annually
Ransomware gangs like BianLian and Rhysida increasingly use Microsoft's Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. [...]
Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.
White House issues new voluntary commitments to combat image-based sexual abuse in AI
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials