Security News

Some claim that the Dark Web is another definition of the anonymizing network TOR, while others claim that the Dark Web is mainly comprised of dissident sites, with illegal activity only being a small part of it. Considering the fact that in the security industry, the Dark Web is mainly referenced in the context of intelligence work, to best define the scope of the Dark Web we need to look at it from that perspective - with the eyes of an intelligence operation.

A nine-month international operation spearheaded by the FBI has led to the arrest of 179 people across the world for selling drugs on the dark web. Operation DisrupTor, announced on Tuesday, also resulted in the seizure of $6.5m in cash and cryptocurrency as well as a 500kg haul of illegal drugs and 63 guns.

A global police sting has netted 179 vendors selling illegal goods online and seized millions in currency, drugs and guns, heralding an end to the "Golden age" of dark web markets, Europol said Tuesday. Led by the German federal criminal police "This takedown provided investigators with... data and materials to identify suspects behind dark web accounts used for illegal activity", Europol said.

In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over 4,000 stolen credentials and other sensitive data exposed per cybersecurity company. Key findings that the research found relating to the leading global cybersecurity companies' exposure on the Dark Web included:97% of companies have data leaks and other security incidents exposed on the Dark Web.

A Colorado man was sentenced this week to eleven years in prison for his role as a moderator on the AlphaBay cybercrime marketplace. When taken down in 2017, AlphaBay was the most popular Dark Web marketplace for illegal products, and had over 400,000 users.

The personal information includes names, dates of birth, gender, physical addresses and email addresses, and election-specific data - such as when an individual registered to vote, voter registration numbers and polling stations - according to Kommersant, a Moscow-based newspaper. The outlet reported Tuesday that several databases of voter data turned up in an unnamed marketplace in late 2019.

There are three additional, sometimes overlooked sources of early warning clues of ransomware and breaches I have seen yield more direct, actionable insights in my years as an incident response leader. Ransomware attacks are a great example: A company typically calls in incident response once an attacker has detonated their ransomware payload and taken infected machines hostage.

Citrix on Wednesday denied claims that its systems have been breached and says the information being sold on the dark web actually comes from a third party and it's not very sensitive. Citrix has found no evidence that its systems have been compromised, and pointed out that hackers couldn't have moved from the third party's network to its own systems.

Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J Serna says the company is aware of a "Threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network, exfiltration of data, and attempts to escalate privileges to launch a ransomware attack."

Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the Dark Web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. In the ad, the hacker makes a connection between the newly advertised credentials and a previously known leak of personal details of more than 10.6 million guests who had stayed at MGM Resorts.