Articles about Dark Web

New analysis of illicit dark web marketplaces where cybercriminals buy and sell access to corporate networks uncovers new insights into how initial access to compromised businesses is being sold -- often for less than $1,000 -- and the steps defenders can take to disrupt the process in its earliest stages.

Rapid7’s threat intelligence researchers analyzed hundreds of posts by Initial Access Brokers (IABs) offering access to compromised networks across a range of industries and regions. Their findings show that ‘initial’ access doesn’t necessarily equate to minimal; in many cases, this access represents a deep compromise.

Continue reading →

Dropbox has suddenly announced that it plans to discontinue its password manager, Dropbox Passwords. With the discontinuation coming at the end of October, users are left with very little time to find an alternative service.

The company is best known for its cloud storage service, and in announcing the impending shuttering of Dropbox Passwords it says that it wants “to focus on enhancing other features in our core product”. More than just closing down the password management side of things, Dropbox is also bringing dark web monitoring to an end.

Continue reading →

Initial access brokers (IABs) are the invisible engine of modern cybercrime. They don't execute ransomware attacks, but they do enable them.

Research from Check Point External Risk Management (formerly Cyberint) shows that IABs are increasingly targeting smaller businesses, with 60.5 percent of listings targeting SMBs (companies with $5M - $50M revenue), representing a new 'sweet spot' for attackers.

Continue reading →

User-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes are widely available on the dark web according to the latest 2024 Report on Global Identity Fraud from AU10TIX.

FaaS platforms provide all the tools, templates and automation that fraudsters need, including deepfake generators to create synthetic selfies and videos, botnets to automate mass-scale account creation and takeover, and phishing kits for email and web-based scams.

Continue reading →

A total of 94 ransomware groups listed victims in 2024 (a 38 percent increase on 2023) with 49 new groups observed, according to a new report, reflecting further complexity in the ransomware landscape.

The study from Searchlight Cyber also finds an 11 percent increase in the number of total victims posted on ransomware leak sites in 2024 (5,728) compared to 2023 (5,081).

Continue reading →

Just as shoppers heading online for Black Friday and Cyber Monday deals a new report from Bitdefender uncovers interesting parallels with behavior on dark web marketplaces.

Cybercriminals too, it seems, browse for the best deals on an assortment of unconventional goods and services. In a digital underground that mirrors traditional e-commerce in many ways, these markets cater to buyers with specific -- and often illegal needs.

Continue reading →

A new report from Fortinet shows a range of activity around the upcoming US election including phishing scams aimed at voters and malicious domain registrations impersonating candidates.

Threat actors are selling affordable phishing kits on the dark net designed to target voters and donors by impersonating the presidential candidates and their campaigns.

Continue reading →

The presence of any data relating to an organization on the dark web demonstrably increases its risk of a cyberattack.

This probably won't come as too much of a surprise but it's confirmed by new research from Searchlight Cyber, the dark web intelligence company, and the Marsh McLennan Cyber Risk Intelligence Center.

Continue reading →

A new report from Fortinet shows that the second half of 2023 saw attackers increase the speed with which they capitalized on newly publicized vulnerabilities.

Attacks were carried out 43 percent faster than 1H 2023, starting on average 4.76 days after new exploits were publicly disclosed.

Continue reading →

One of the most common forms of cyberattack is credential stuffing, using exposed details on different sites to exploit the fact that people frequently reuse passwords.

Proton Mail is introducing a new Dark Web Monitoring feature that will alert customers if their credentials are exposed on the dark web, where stolen emails and credentials get bought and sold.

Continue reading →

The number of new posts on dark web forums about elections surged by 394 percent in 2023 compared to 2022, research released this week by cybersecurity firm NordVPN reveals. And in the first two months of 2024 alone, users have already published almost half as many posts.

With more than 60 countries holding national elections in 2024, representing over half of the world's population, this is a significant year in history for global democracy so it's unsurprising that there's an increase in interest.

Continue reading →

Web intelligence company Searchlight Cyber has released a new report on the ransomware landscape of the dark web, highlighting changing tactics and the groups that security teams need to look out for in 2024.

LockBit, BlackCat (also known as ALPHV or Noberus), and Cl0p were the most prolific ransomware groups of 2023 by the number of victims claimed on their dark web leak sites. However, a major finding of the report is that these groups' share of overall ransomware victims has actually decreased as the number of operators has grown.

Continue reading →

A new report from Delinea shows that, while still not back to 2021 levels, ransomware attacks are increasing.

What's more, mid-sized companies appeared to be in cybercriminals’ sights the most, with 65 percent saying they've been a ransomware victim over the past 12 months. Organizations are also paying ransoms more frequently, up to 76 percent from 68 percent the prior year.

Continue reading →

It's been another profitable year for the cybercriminal underworld. Once again, headlines have been regularly dominated by serious breaches such as the Royal Mail and Capita, whilst behind the scenes, criminal gangs have raked in huge profits.

The shadow economy of the dark web has continued to thrive and develop as a mirror of the legitimate business world. Threat actors are increasingly well-organized, from highly developed ransomware-as-a-service (RaaS) offerings to extremely lucrative vulnerability trading. Here, we'll delve into the most prominent trends driving the bustling dark web economy -- and how organizations can defend themselves against such threats.

Continue reading →

A new report from HP Wolf Security reveals cybercriminal marketplaces offering low-level attackers the tools needed to bypass detection and infect users in the form of so-called 'meal kits'.

These are pre-packaged malware kits which give low-level attackers all the ingredients to evade detection tools, making it easier for them to breach organizations and steal sensitive data.

Continue reading →