Security News > 2022 > June > There are 24.6 billion pairs of credentials for sale on dark web

There are 24.6 billion pairs of credentials for sale on dark web
2022-06-20 12:15

More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found.

Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years.

Bug bounty platform Bugcrowd founder and CTO Casey John Ellis has admitted his company's mistake in banning security researcher Soatok from its platform for, by all accounts, doing exactly what they told him to do.

A submission Soatok made was deemed invalid for not including an example of exploit code, which Soatok maintains was left out because cryptographic exploits are complicated to develop.

Because the bug had already been reported on Bugcrowd, Soatok's account was suspended for violating Bugcrowd's code of conduct.

Soatok said Bugcrowd's senior director of security ops, Michael Skelton, told him that Bugcrowd is prioritizing updates to its SecOps runbooks for cryptography, and are also working on filling a knowledge gap in the field.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/20/in_brief_security/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Billion 2 0 1 6 3 10