Security News

Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated toselling payment-card credentials. The leaked credit cards include the following fields: Credit-card number, expiration date, CVV, name, country, state, city, address, ZIP code, email and phone number, according to threat actors.

In its latest research, security specialist Positive Technologies documents how the market enabling initial access to corporate networks has evolved through 2020 and into early 2021, and reveals that the number of 'access-for-sale' ads on the dark web has increased seven-fold compared with previous years. The company's researchers believe the cybercriminal profile is changing in multiple ways; the profile of an external intruder who gains initial access to a corporate network is different from the criminal who follows through with the attack once inside-most importantly, the two have different skillsets.

The number of ads selling access to corporate networks has continued to increase from 2019 to 2020 and into 2021, says Positive Technologies. A report released Wednesday by security provider Positive Technologies looks at the selling of network access on the Dark Web and examines how this threat continues to grow.

Last year saw a 429% increase in the number of corporate login details with plaintext passwords exposed on the dark web. Luckily, organizations are not totally helpless when it comes to its passwords being put up for sale on the dark web.

The U.S. Department of Justice has charged an individual for engaging in insider trading on the darknet. Greece-based Apostolos Trovias, known as the "The Bull" frequently used encrypted messaging services and the dark web for soliciting, exchanging and selling inside information.

ZeroFox announced it has joined forces with Vigilante, a globally recognized expert in Dark Web Threat Intelligence, adding to its intelligence portfolio. ZeroFox's now-enhanced platform delivers the ability to understand public attack surface exposure and protect organizations from dark web activity at an even greater scale.

Researchers added the attack also included public and private keys of LimeVPN users. "The hacker informed us that they have the private keys of every user, which is a serious security issue as it means they can easily decrypt every LimeVPN user's traffic," the firm said in a posting.

Bogus COVID-19 test results, fraudulent vaccination cards, and questionable vaccines are emerging a hot commodity on the dark web in what's the latest in a long list of cybercrimes capitalizing on the coronavirus pandemic. "As a result, illegal COVID-19 vaccines and vaccination records are in high demand on darknet marketplaces."

An unknown threat actor managed to control more than 27% of the entire Tor network exit capacity in early February 2021, a new study on the dark web infrastructure revealed. "The entity attacking Tor users is actively exploiting tor users since over a year and expanded the scale of their attacks to a new record level," an independent security researcher who goes by the name nusenu said in a write-up published on Sunday.

We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web.