Security News > 2022 > June > There are 24.6 billion pairs of credentials for sale on dark web
More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found.
Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years.
Bug bounty platform Bugcrowd founder and CTO Casey John Ellis has admitted his company's mistake in banning security researcher Soatok from its platform for, by all accounts, doing exactly what they told him to do.
A submission Soatok made was deemed invalid for not including an example of exploit code, which Soatok maintains was left out because cryptographic exploits are complicated to develop.
Because the bug had already been reported on Bugcrowd, Soatok's account was suspended for violating Bugcrowd's code of conduct.
Soatok said Bugcrowd's senior director of security ops, Michael Skelton, told him that Bugcrowd is prioritizing updates to its SecOps runbooks for cryptography, and are also working on filling a knowledge gap in the field.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/06/20/in_brief_security/
Related news
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)
- What Is the Dark Web? (source)
- What It Costs to Hire a Hacker on the Dark Web (source)
- Russia sentences Hydra dark web market leader to life in prison (source)
- Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs (source)
- Scumbag gets 30 years in the clink for running CSAM dark-web chatrooms, abusing kids (source)