Security News

The owner and operator of Incognito Market, a dark web marketplace for selling illegal narcotics online, was arrested at the John F. Kennedy Airport in New York on May 18. "LIN had ultimate control over more than one thousand vendors, more than 200,000 customers, and at least one other employee who assisted LIN in the management of the site," according to the indictment [PDF].

With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to...

Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only documents containing classified data."No operational information is processed on this EPE application. No core systems of Europol are affected and therefore, no operational data from Europol has been compromised."

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

ReNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. ReNgine was developed to overcome the constraints of conventional reconnaissance tools.

Reddit is investigating a major outage blocking users worldwide from accessing the social network's websites and mobile apps. Mobile users also report seeing an "Error: Choose failed Missing field 'user id'" error or an outage icon with the Reddit alien logo on the mobile app.

Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.

Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants - cheap, independently produced, and crudely constructed - on the dark web. "Over the past two months some of the biggest players in the ransomware ecosystem have disappeared or shut down, and, in the past, we've also seen ransomware affiliates vent their anger over the profit-sharing scheme of RaaS. Nothing within the cybercrime world stays static forever, and these cheap versions of off-the-shelf ransomware may be the next evolution in the ransomware ecosystem-especially for lower-skilled cyber attackers simply looking to make a profit rather than a name for themselves," Budd concluded.

In many cases, practitioners have struggled to find value in monitoring the dark web, particularly where a vendor sells them on a comprehensive package but doesn't align the value with the organization's security needs. In other cases organizations may believe they are too small for dark web monitoring to be valuable, but in many cases startups and other small organizations are targeted because they are small.

Despite this, there are still things that you can do to make your web apps more resistant to social engineering. With this in mind, consider implementing these strategies at your organization to protect your web applications and reduce the chance of falling victim to social engineering.