Reblaze Wiki

Threats

There are many cyber threats out there and we will try to shed the light on most of them – especially in the web security field.

Application Abuse

Application abuse occurs when a web application or API is exploited to perform activities that were not intended by the developer. It is usually waged by bots, and app abuse includes a large variety of hostile bot activities that don’t fall into other categories.

Credit Card Fraud

Credit card fraud occurs when malicious actors use stolen credit card information in online transactions. The most common method of obtaining credit card information is via bots designed for that purpose.

Gift Card Fraud

One common method is for criminals to use bots to stuff possible card numbers into web applications until valid card numbers are found. Validated card numbers are used to purchase goods, or are sold for cash through various online services.

Vulnerability Scans

Threat actors use bots to automatically scan large numbers of systems for known vulnerabilities. When an exploitable system is found, hackers follow up with direct attacks.

Inventory Hoarding

Web applications which offer online purchasing or reservations are vulnerable to inventory hoarding (a.k.a. “Denial of Inventory”). In this attack, hostile bots make inventory unavailable to legitimate customers. For example, bots attack retail sites by adding products to shopping carts, but never completing the purchases.

Credential Attacks

User credentials are highly coveted commodities on the dark web. Hackers discover credentials by sending out bots to wage brute-force attacks; the bots attempt to gain access to a web application by trying every possible combination of letters, numbers, and symbols, to see which combinations work.