Security News

Once your personal data is up for sale, buyers can use it for financial gain or for doxing, a practice where malicious actors publicly reveal private information about you for all to see. In a blog post published Tuesday, security provider Kaspersky looks at the sale of personal data on the Dark Web and offers advice on how to protect your own data.

Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum. The company behind the wildly popular kids' game Animal Jam has announced that hackers stole a menagerie of account records during a breach of a third-party vendor's server in October - more than 46 million of them, in fact.

The Dark Web/Darknet continues to be an environment for bad actors to share stolen credentials and discuss successful attacks. Just as there's a lot of bad on the Dark Web, there is also good - mostly in the form of intel that can be used to help protect organizations from attacks.

In closed forums on the dark web, criminals are trading vast databases of consumer information gathered via data breaches and phishing attacks, but also through readily-available government databases. Already a marketplace for drugs, weapons, stolen bank details and leaked website databases, the dark web has now become a thriving underground community where individuals discuss and trade techniques for capitalizing on COVID-19.

While there has been a year-over-year decrease in publicly disclosed data breaches, an Arctic Wolf report reveals that the number of corporate credentials with plaintext passwords on the dark web has increased by 429 percent since March. For a typical organization, this means there are now, on average, 17 sets of corporate credentials available on the dark web that could be used by hackers.

Some claim that the Dark Web is another definition of the anonymizing network TOR, while others claim that the Dark Web is mainly comprised of dissident sites, with illegal activity only being a small part of it. Considering the fact that in the security industry, the Dark Web is mainly referenced in the context of intelligence work, to best define the scope of the Dark Web we need to look at it from that perspective - with the eyes of an intelligence operation.

A nine-month international operation spearheaded by the FBI has led to the arrest of 179 people across the world for selling drugs on the dark web. Operation DisrupTor, announced on Tuesday, also resulted in the seizure of $6.5m in cash and cryptocurrency as well as a 500kg haul of illegal drugs and 63 guns.

A global police sting has netted 179 vendors selling illegal goods online and seized millions in currency, drugs and guns, heralding an end to the "Golden age" of dark web markets, Europol said Tuesday. Led by the German federal criminal police "This takedown provided investigators with... data and materials to identify suspects behind dark web accounts used for illegal activity", Europol said.

In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over 4,000 stolen credentials and other sensitive data exposed per cybersecurity company. Key findings that the research found relating to the leading global cybersecurity companies' exposure on the Dark Web included:97% of companies have data leaks and other security incidents exposed on the Dark Web.

A Colorado man was sentenced this week to eleven years in prison for his role as a moderator on the AlphaBay cybercrime marketplace. When taken down in 2017, AlphaBay was the most popular Dark Web marketplace for illegal products, and had over 400,000 users.