At the moment AI and their malicious bots are the scourge of the internet. They ignore all the conventions and implicit rules built on trust over many years. Cloudflare has called out Perplexity on this abuse at Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives. You can also read more on the impact of these bots at The crawl before the fall… of referrals: understanding AI’s impact on content providers. Read more

Before I start I should probably say what credential stuffing and e-mail plus addressing are. Knowing what credential stuffing is will also let you understand why you should care. Definitions Credential Stuffing is a type of cyberattack where stolen account credentials typically consisting of lists of usernames and/or email addresses and the corresponding passwords (often from a data breach) are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application. Unlike credential cracking, credential stuffing attacks do not attempt to brute force or guess any passwords – the attacker simply automates the logins for a large number (thousands to millions) of previously discovered credential pairs using standard web automation tools like Selenium, cURL, PhantomJS or tools designed specifically for these types of attacks such as: Sentry MBA, SNIPR, STORM, Blackbullet and Openbullet. Read more

If you run a so called “New Generation Firewall” it will probably have an IDS/IPS system that scans all traffic. This eats a lot of CPU and slows down your firewall. There are lots of reliable lists (blocklists) of IP addresses out there that you can use to drop traffic from the bad guys before scanning, saving lots of CPU and increasing your throughput. Research the lists you plan to use, here is a good place to start your research: FireHOL IP Lists. Make sure the listing and delisting policies of a list works for you. Read more