Security News > 2022 > June > There are 24.6 billion pairs of credentials for sale on dark web
More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found.
Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years.
Bug bounty platform Bugcrowd founder and CTO Casey John Ellis has admitted his company's mistake in banning security researcher Soatok from its platform for, by all accounts, doing exactly what they told him to do.
A submission Soatok made was deemed invalid for not including an example of exploit code, which Soatok maintains was left out because cryptographic exploits are complicated to develop.
Because the bug had already been reported on Bugcrowd, Soatok's account was suspended for violating Bugcrowd's code of conduct.
Soatok said Bugcrowd's senior director of security ops, Michael Skelton, told him that Bugcrowd is prioritizing updates to its SecOps runbooks for cryptography, and are also working on filling a knowledge gap in the field.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/06/20/in_brief_security/
Related news
- Companies mentioned on the dark web at higher risk for cyber attacks (source)
- Dutch police arrest admin of 'Bohemia/Cannabia' dark web market (source)
- Dutch cops reveal takedown of 'world's largest dark web market' (source)
- Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation (source)
- Finland seizes servers of 'Sipultie' dark web drugs market (source)
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)