Security News

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material, indicating how such information could be used to combat serious crimes. Distributed via phishing, spam campaigns, cracked software, fake update websites, SEO poisoning, and malvertising, data harvested using such programs typically find their way onto the dark web in the form of stealer logs from where they are purchased by other cybercriminals to further their schemes.

Google is working on a new Unrestricted WebUSB feature, which allows trusted isolated web apps to bypass security restrictions in the WebUSB API. WebUSB is a JavaScript API that allows web applications to access local USB devices on a computer. Google is now testing an "Unrestricted WebUSB" feature that allows Isolated Web Apps to access these restricted devices and interfaces.

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity....

Bots compose 42% of overall web traffic, and 65% of these bots are malicious, according to Akamai. Web scraping is not just a fraud or security problem, it is also a business problem.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Two men have been charged in a Chicago federal court for operating "Empire Market," a dark web marketplace that facilitated over $430 million in illegal transactions between February 2018 and August 2020. Empire Market was a popular dark web marketplace that sold illegal drugs, chemicals, jewelry, credit card numbers, counterfeit money bills, malware, and other illicit goods, offering payment options including Monero, Litecoin, and Bitcoin.

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals.The insurance company believes that taking down the affected web portal will not significantly impact its operations.

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the breached endpoints, such as enlisting them as part of the attackers' infrastructure to evade detection in subsequent operations.

The owner and operator of Incognito Market, a dark web marketplace for selling illegal narcotics online, was arrested at the John F. Kennedy Airport in New York on May 18. "LIN had ultimate control over more than one thousand vendors, more than 200,000 customers, and at least one other employee who assisted LIN in the management of the site," according to the indictment [PDF].