now browsing by tag


#deepweb | Hundreds arrested in ‘dark web’ paedophile sting

Source: National Cyber Security – Produced By Gregory Evans

A total of 337 people in 38 countries have been arrested in an international operation targetting paedophiles on one of the world’s “largest dark web child porn marketplaces”, investigators have announced.

The suspects – from nations including the UK, Ireland, the US and Saudi Arabia – were tracked down after investigators identified a website hosting more than 200,000 videos, “which had collectively been downloaded more than a million times”, says the BBC. A notice on the dark web site, called Welcome To Video, instructed users to upload only child pornography.

The US Department of Justice has charged a 23-year-old South Korean man, named as Jong Woo Son, with running the site. He is already serving an 18-month sentence in his own country for charges related to child abuse images, according to the Daily Mail.

“I’m immensely proud of the role we played in catching some very depraved and dangerous global offenders and for beginning the work that eventually caught Jong Woo Son,” said the UK’s National Crime Agency (NCA) investigations lead, Nikki Holland.

“Dark web child sex offenders…cannot hide from law enforcement,” she added. “They’re not as cloaked as they think they are, they’re not as safe as they think they are.”

For a round-up of the most important stories from around the world – and a concise, refreshing and balanced take on the week’s news agenda – try The Week magazine. Get your first six issues free

The investigation was sparked by the probe into British paedophile Matthew Falder, who was imprisoned in 2018 for 32 years after carrying out a campaign of abuse against vulnerable children and adults online, says The Telegraph.

Following the arrest of the scientist and university academic, police began investigating the dark web sites that he had been using to share abuse images and tips with fellow child abusers.

The site at the centre of the latest police sting was “one of the first to offer sickening videos for sale using the cryptocurrency bitcoin”, said the NCA. Members were identified after investigators were able to trace digital transactions back to them.

Seven men in the UK have already been convicted in connection with the site. One of the convicted abusers was jailed for 22 years for raping a five-year-old boy and appearing on Welcome To Video sexually abusing a three-year-old girl.

The international police operation is one of the biggest of its kind since 2014, when Australia’s Task Force targetted a child abuse dark web site with tens of thousands of active users. Police were able to take over the site, using the account of a user who had been arrested, and “for six months in 2014 Task Force Argos… [had] access to the forum’s every crevice, and the private messages of all 45,000 users”, according to The Guardian.

One of those users was Richard Huckle, a Briton living in Malaysia, who was given 22 life sentences in 2016 after pleading guilty to 71 charges of sex abuse of children aged between six months and 12 years.

Huckle was found stabbed to death in his cell in a Yorkshire prison earlier this week.

Source link

The post #deepweb | <p> Hundreds arrested in ‘dark web’ paedophile sting <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Dark web websites: 10 things you should know

Source: National Cyber Security – Produced By Gregory Evans

Back in the 1970s, “darknet” wasn’t an ominous term: it simply referred to networks that were isolated from the mainstream of ARPANET for security purposes. But as ARPANET became the internet and then swallowed up nearly all the other computer networks out there, the word came to identify areas that were connected to the internet but not quite of it, difficult to find if you didn’t have a map.

The so-called dark web, a catch-all phrase covering the parts of the internet not indexed by search engines, is the stuff of grim legend. But like most legends, the reality is a bit more pedestrian. That’s not to say that scary stuff isn’t available on dark web websites, but some of the whispered horror stories you might’ve heard don’t make up the bulk of the transactions there.

We spoke to some security pros who offered to give us a bit of a guided tour of the web’s nether regions. Hopefully it will demystify things a bit.

Here are ten things you might not know about the dark web.

New dark web sites pop up every day…

A 2015 white paper from threat intelligence firm Recorded Future examines the linkages between the Web you know and the darknet. The paths usually begin on sites like Pastebin, originally intended as an easy place to upload long code samples or other text but now often where links to the anonymous Tor network are stashed for a few days or hours for interested parties. 

While searching for dark web sites isn’t as easy as using Google—the point is to be somewhat secretive, after all—there are ways to find out what’s there.  The screenshot below was provided by Radware security researcher Daniel Smith, and he says it’s the product of “automatic scripts that go out there and find new URLs, new onions, every day, and then list them. It’s kind of like Geocities, but 2018″—a vibe that’s helped along by pages with names like “My Deepweb Site,” which you can see on the screenshot.

fresh onions Daniel Smith

…and many are perfectly innocent

Matt Wilson, chief information security advisor at BTB Security, says that “there is a tame/lame side to the dark web that would probably surprise most people. You can exchange some cooking recipes—with video!—send email, or read a book. People use the dark web for these benign things for a variety of reasons: a sense of community, avoiding surveillance or tracking of internet habits, or just to do something in a different way.”

It’s worth remembering that what flourishes on darknet is material that’s been banned elsewhere online. For example, in 2015, in the wake of the Chinese government cracking down on VPN connections through the so-called “great firewall,” Chinese-language discussions started popping up on the darknet — mostly full of people who just wanted to talk to each other in peace.

Radware’s Smith points out that there are a variety of news outlets on the dark web, ranging from the news website from the hacking group Anonymous to the New York Times, shown in the screenshot here, all catering to people in countries that censor the open internet.

nytimes Daniel Smith

Some spaces are by invitation only

Of course, not everything is so innocent, or you wouldn’t be bothering to read this article. Still, “you can’t just fire up your Tor browser and request 10,000 credit card records, or passwords to your neighbor’s webcam,” says Mukul Kumar, CISO and VP of Cyber Practice at Cavirin. “Most of the verified ‘sensitive’ data is only available to those that have been vetted or invited to certain groups.”

How do you earn an invite into these kinds of dark web sites? “They’re going to want to see history of crime,” says Radware’s Smith. “Basically it’s like a mafia trust test. They want you to prove that you’re not a researcher and you’re not law enforcement. And a lot of those tests are going to be something that a researcher or law enforcement legally can’t do.”

There is bad stuff, and crackdowns means it’s harder to trust

As recently as last year, many dark web marketplaces for drugs and hacking services featured corporate-level customer service and customer reviews, making navigating simpler and safer for newbies. But now that law enforcement has begun to crack down on such sites, the experience is more chaotic and more dangerous.

“The whole idea of this darknet marketplace, where you have a peer review, where people are able to review drugs that they’re buying from vendors and get up on a forum and say, ‘Yes, this is real’ or ‘No, this actually hurt me’—that’s been curtailed now that dark marketplaces have been taken offline,” says Radware’s Smith. “You’re seeing third-party vendors open up their own shops, which are almost impossible to vet yourself personally. There’s not going to be any reviews, there’s not a lot of escrow services. And hence, by these takedowns, they’ve actually opened up a market for more scams to pop up.”

Reviews can be wrong, products sold under false pretenses—and stakes are high

There are still sites where drugs are reviewed, says Radware’s Smith, but keep in mind that they have to be taken with a huge grain of salt. A reviewer might get a high from something they bought online, but not understand what the drug was that provided it.

One reason these kinds of mistakes are made? Many dark web drug manufacturers will also purchase pill presses and dyes, which retail for only a few hundred dollars and can create dangerous lookalike drugs. “One of the more recent scares that I could cite would be Red Devil Xanax,” he said. “These were sold as some super Xanax bars, when in reality, they were nothing but horrible drugs designed to hurt you.”

The dark web provides wholesale goods for enterprising local retailers…

Smith says that some traditional drug cartels make use of the dark web networks for distribution—”it takes away the middleman and allows the cartels to send from their own warehouses and distribute it if they want to”—but small-time operators can also provide the personal touch at the local level after buying drug chemicals wholesale from China or elsewhere from sites like the one in the screenshot here. “You know how there are lots of local IPA microbreweries?” he says. “We also have a lot of local micro-laboratories. In every city, there’s probably at least one kid that’s gotten smart and knows how to order drugs on the darknet, and make a small amount of drugs to sell to his local network.”

xanax Daniel Smith

…who make extensive use of the gig economy

Smith describes how the darknet intersects with the unregulated and distributed world of the gig economy to help distribute contraband. “Say I want to have something purchased from the darknet shipped to me,” he says. “I’m not going expose my real address, right? I would have something like that shipped to an AirBnB—an address that can be thrown away, a burner. The box shows up the day they rent it, then they put the product in an Uber and send it to another location. It becomes very difficult for law enforcement to track, especially if you’re going across multiple counties.”

Not everything is for sale on the dark web

We’ve spent a lot of time talking about drugs here for a reason. Smith calls narcotics “the physical cornerstone” of the dark web; “cybercrime—selling exploits and vulnerabilities, web application attacks—that’s the digital cornerstone. Basically, I’d say a majority of the darknet is actually just drugs and kids talking about little crimes on forums.”

Some of the scarier sounding stuff you hear about being for sale often turns out to be largely rumors. Take firearms, for instance: as Smith puts it, “it would be easier for a criminal to purchase a gun in real life versus the internet. Going to the darknet is adding an extra step that isn’t necessary in the process. When you’re dealing with real criminals, they’re going to know someone that’s selling a gun.”

Specific niches are in

Still, there are some very specific darknet niche markets out there, even if they don’t have the same footprint that narcotics does. One that Smith drew my attention to was the world of skimmers, devices that fit into the slots of legitimate credit and ATM card readers and grab your bank account data.

And, providing another example of how the darknet marries physical objects for sale with data for sale, the same sites also provide data manual sheets for various popular ATM models. Among the gems available in these sheets are the default passwords for many popular internet-connected models; we won’t spill the beans here, but for many it’s the same digit repeated five times.

atm skinners Daniel Smith

It’s still mimicking the corporate world

Despite the crackdown on larger marketplaces, many dark web sites are still doing their best to simulate the look and feel of more corporate sites. 

elude Daniel Smith

The occasional swear word aside, for instance, the onion site for the Elude anonymous email service shown in this screenshot looks like it could come from any above-board company.

One odd feature of corporate software that has migrated to the dark web: the omnipresent software EULA. “A lot of times there’s malware I’m looking at that offers terms of services that try to prevent researchers from buying it,” he says. “And often I have to ask myself, ‘Is this person really going to come out of the dark and trying to sue someone for doing this?”https://www.csoonline.com/”

And you can use the dark web to buy more dark web

And, to prove that any online service can, eventually, be used to bootstrap itself, we have this final screenshot from our tour: a dark web site that will sell you everything you need to start your own dark web site.

docker Daniel Smith

Think of everything you can do there—until the next crackdown comes along.

Copyright © 2018 IDG Communications, Inc.

Source link

The post #deepweb | <p> Dark web websites: 10 things you should know <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Don’t be scared of the Dark (Web)!

Source: National Cyber Security – Produced By Gregory Evans

Zur’s premise is that the Dark Web can be a tool as useful as the Internet browsers we use every day in our work. Here are his five things to know about the Dark Web.

1. Anyone can access the Dark Web, even you

Accessing the Dark Web is a lot easier than you think. There are a few dark web browsers that you can download, just as you would with Google Chrome or Safari, but the most notable of them is Tor. Tor, otherwise known as the ‘Onion Router’ for all of the deep layers of web, allows you to surf the dark web through multiple routing server connections around the world that are encrypted at each step. This allows users to access so-called hidden services underground while maintaining anonymity online.

2. It’s not all bad

So, it’s definitely true that the Dark Web is home to the darkest corners of the earth, including platforms where you can buy illegal goods, launder currency, get fake passports, and even hire killers. However, there’s a much more innocent side of the Dark Web that would surprise most people. There are cookie recipe sites, book recommendations, and communities of people who are simply looking to avoid Internet tracking.

3. Using the Dark Web won’t give you a virus, but you do need to be safe

Surfing sites on Tor alone shouldn’t cause you alarm, but habits such as having multiple browsers open at once are what lead to trouble. For example, having Tor open while also browsing on websites we use every day means you can throw your anonymity out the window. Information can cross between two browsers through embedded JavaScript code and other ways. You’ll also want to avoid using any credentials or handles that may give away your real-life identity. Remember, Tor is still full of very clever hackers, whether they’re exchanging cookie recipes or not.

4. You may find your data or your company’s

Distasteful as you may find it, doing Dark Web due diligence on yourself or your company is a useful exercise.  It’s important to know what information is out there for sale that could lead to misuse of data and theft. Knowing about your vulnerabilities is just one aspect of threat prevention.

5. Bitcoin is the currency of choice

Bitcoin digital currency offers an anonymous source of payment, which of course makes it attractive to those looking to avoid tracking. With low supply, convenience and impossible to counterfeit, Bitcoin is generally considered to be the most popular digital currency on the Dark Web.

Cybint offers numerous resources to help professionals navigate the world of cyber and its risk and opportunities.

  • Join us for a threat intelligence webinar Friday, April 5, 2019 at 3:30 p.m. Eastern.
  • Download Cybint Solutions free Dark Web 101 Guide 
  • Learn more about Cybint’s network of regional cyber centers of excellence for leading-edge training and education opportunities for professionals and organizations.

About Cybint Solutions

Cybint Solutions is a Cyber Education company committed to solving the skills-gap and market shortage in cybersecurity through innovative education and training solutions for all levels of expertise. Cybint integrates emerging cyber technologies, hands-on environments and evergreen content into a cutting-edge learning platform for businesses, higher-education institutions, government agencies and regional cyber centers worldwide. With an eye toward preparing the next generation of cyber experts, Cybint creates a deep and powerful global network of cyber knowledge that goes far beyond typical technical expertise. To further address the critical workforce shortage in the industry, Cybint launched the Cyber Talent Network platform which helps match qualified cyber professionals with employers in their region based on the candidates’ skills and capabilities. Cybint was founded as a collaboration of military-trained cybersecurity and intelligence experts, industry professionals and well-seasoned educators.

SOURCE Cybint Solutions

Source link

The post #deepweb | <p> Don’t be scared of the Dark (Web)! <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Dark Web Drug Seller Sinmed Goes Down—Thanks to ATM Withdrawals

Source: National Cyber Security – Produced By Gregory Evans

Until a few weeks ago, sinmed was one of the largest drug vendors at Dream Market, the foremost dark web bazaar. It took in millions of dollars shipping fentanyl-laced heroin, methamphetamines, and hundreds of thousands of counterfeit Xanax tablets across the US—until the New York district attorney’s office shut it down, and arrested the three men who allegedly ran it.

Dark web takedowns happen all the time. But sinmed was a power player, among Dream Market’s top 3 percent of vendors in terms of sheer transactions. And its rise and fall, as detailed by Manhattan DA Cyrus Vance and a recently unsealed indictment, shows not only how dark web storefronts operate, but also how law enforcement at every level has become increasingly savvy at tracking them down.

Act Local

When you read about dark web takedowns, they typically involve sweeping actions by federal agencies. The Joint Criminal Opioid and Darknet Enforcement team—made up of agents from the FBI, DEA, CBP, and more—announced in March that it had made 61 arrests and shuttered 50 accounts related to dark web activity as part of Operation SaboTor, a crackdown months in the making.

“It is definitely a significant arrest.”

Nicolas Christin, Carnegie Mellon University

But while the sinmed case involved cooperation from the Secret Service, US Postal Inspection Service, and Homeland Security Investigations, it originated—unusually—with the Manhattan DA. More precisely, with a tip the DA’s office received in 2017 about good old-fashioned suspicious ATM withdrawals.

“For time immemorial we have been saying that in cases of economic crime, it’s really all about following the money,” Manhattan district attorney Cy Vance said at a press conference Tuesday announcing the charges. “Pulling the thread and following the money in 2019 today is about knowing where to look on the internet and in cyberspace.”

Sinmed Inc.

In late March 2016, the unsealed indictment alleges, 51-year-old Ronald MacCarty ordered 10 kilograms of microcrystalline cellulose from an unspecified vendor. It was the first of at least nine such orders he and Chester Arthur would place over the following two years; by May 2018, the size had grown to 500 kilograms.

On its own, MCC is harmless, mostly used as a binding agent. You can buy it on Amazon. But you can also use it to make pills. According to court documents, Anderson and MacCarty methodically worked their way up to doing just that. In July 2016, the two incorporated a company called Next Level Research and Development. From there, they attempted to buy a kilogram of alprazolam—sold commercially as Xanax—as well as a vial filling and capping machine, a powder mixer, a tablet press machine, and Xanax punch dies. Everything you need, as the indictment says, “to manufacture and sell tablets containing controlled substances.”

Over the course of their operation, according to the Manhattan district attorney’s office, Anderson and MacCarty—along with Jarrette Codd—shipped more than 1,000 packages to buyers in 43 states, laundering $2.3 million in cryptocurrency along the way. At the time of the trio’s arrest on April 4, investigators seized 420,000 to 620,000 alprazolam tablets, 500 glassines of fentanyl-laced heroin, and assorted other drugs. All three men have pleaded not guilty.

Law enforcement seized hundreds of thousands of counterfeit Xanax pills this month as part of the sinmed takedown.Manhattan District Attorney

Source link

The post #deepweb | <p> Dark Web Drug Seller Sinmed Goes Down—Thanks to ATM Withdrawals <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Panorays Unveils Dark Web Insights Security Intelligence Solution | Security News

Source: National Cyber Security – Produced By Gregory Evans

Opportunities For Security Integrators In The Healthcare Vertical

The healthcare market is rife with opportunity for security systems integrators. Hospitals have a continuous need for security, to update their systems, to make repairs, says David Alessandrini, Vice President, Pasek Corp., a systems integrator. “It’s cyclical. Funding for large projects might span one to two years, and then they go into a maintenance mode. Departments are changing constantly, and they need us to maintain the equipment to make sure it’s operating to its full potential.”
The experience of Pasek Corp. is typical of the opportunities available for security integrator companies in the healthcare vertical. A single large hospital system can supply a dependable ongoing source of revenue to integrator companies, says Alessandrini. Hospitals are “usually large enough to provide enough work for several people for an extended length of time.”  Healthcare customers in Pasek’s service area around Boston provide the potential for plenty of work. “We have four major hospitals, each with in excess of 250 card readers and 200 cameras, in the Boston area,” Alessandrini says.
One appeal of the healthcare market for North Carolina Sound, an integrator covering central North Carolina, is the breadth of possible equipment they can sell into the healthcare market, including access control and video, of course, but also other technologies, such as audio-video systems in a dining room. North Carolina Sound has also installed sound masking in some areas with waiting rooms to protect private patient information from being overheard. Locking systems on pharmaceutical doors are another opportunity.
Data capture form to appear here!
IP based networked video systems
A facility’s IT folks must be convinced an IP solution will function seamlessly on their network
Among North Carolina Sound’s customers is Wayne Memorial Hospital, Goldsboro, N.C., which uses about 340 video cameras, with 80 percent or more of them converted to IP. The hospital is replacing analog with IP cameras as budget allows, building network infrastructure to support the system. The healthcare market tends to have a long sales cycle; in general, sales don’t happen overnight or even within a month or two. In fact, the period between an initial meeting with a healthcare facility and installation of a system could stretch to a year or longer. A lot happens during that time.
Healthcare systems involve extensive planning, engineering, and meetings among various departments. Physical security systems that involve the information technology (IT) department, as do most systems today, can be especially complex. Installation of networked video systems based on Internet protocol (IP) requires deep and probing discussions with the IT team about how a system fits into the facility’s network infrastructure. A facility’s IT folks must be convinced an IP solution will function seamlessly on their network.
Compatible with the network
They must vet the technology to ensure the devices and solutions will be compatible with the network, and must sign off on technology choices. And even more important is determining if the security system will adhere to cybersecurity requirements of the facility. A complete solution that integrates nearly any system that lives on or uses a facility’s network is ultimately what the healthcare vertical is moving toward, says Jason Ouellette, General Manager – Enterprise Access Control & Video, Johnson Controls.
Healthcare security professionals are early adopters of technology, implementing the best technology available”“We are hearing more and more from customers across industries that they want to be able to use their security systems and devices for more than just security: they want added value,” says Ouellette. Many want to use access control, video surveillance and other data sources to assess their business operations and/or workflows with the goal of improving efficiency.
Upgrade cost-effectively
Historically, three factors have prevented many organizations from moving forward with new technologies: lack of money, proprietary systems, and the need to “rip and replace” large parts of the installed systems, says Robert Laughlin, CEO and Chairman, Galaxy Control Systems. “Today, while funding is almost always a limiting factor at some level, the progression of industry standards and ‘open’ systems has made a big positive impact on the ability of organizations to upgrade cost-effectively,” he says.
Despite any obstacles, healthcare customers generally welcome new innovations. “I would say healthcare security professionals in general are early adopters of technology and like to implement the best technology available,” says Jim Stankevich, Global Manager – Healthcare Security, Johnson Controls/Tyco Security Products. “For most, rapid implementation is limited by budgets and available funding.”
Missed part one of our healthcare mini series? Click here.

Source link

The post #deepweb | <p> Panorays Unveils Dark Web Insights Security Intelligence Solution | Security News <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Instagram now supports dark mode on iOS 13 — here’s how to enable it

Source: National Cyber Security – Produced By Gregory Evans

Welcome to TNW Basics, a collection of tips, guides, and advice on how to easily get the most out of your gadgets, apps, and other stuff.

Instagram has joined the dark side. Well, not really, sort of. The Facebook-owned social media platform has updated its app for iOS 13 with support for dark mode.

The setting is an extension of iOS‘ system-wide dark mode, and Instagram has basically revamped its UI to match the theme.

In case you haven’t already caught a glimpse, here’s what it looks like:

No surprises there, it’s the standard combo of black and grey, mixed with white text and icon layouts.

How to turn on dark mode

To get the dark look, you’ll need to enable iOS 13‘s own dark mode. That seems to be the only way for now, since Instagram has yet to include a native switch in its app.

Anyways, here are the steps you need to follow:

  • Pull the control center on your iPhone
  • Long-press on the brightness indicator
  • Select dark mode from the toggle options below to enable it
  • Boom! You’re done

Alternatively, you can ask Siri to enable dark mode by uttering the magic phrase “Hey Siri, turn on/off the dark mode.”

A third way to do it is by going to Settings > Display & Brightness, and then tapping on the “Dark” theme option. As easy as that.

Once you’ve used any of these three approaches, Instagram will automatically switch to dark mode too.

Unfortunately, Instagram‘s dark mode is currently exclusively available on iOS. Don’t fret, though: it seems that the Facebook subsidiary is testing the feature on Android, so chances are it’ll make its way to Google’s operating system soon.

Read next:

Satoshi Nakaboto: ‘Bitcoin volume hits all-time high in Hong Kong’

Source link

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference

The post #deepweb | Instagram now supports dark mode on iOS 13 — here’s how to enable it appeared first on National Cyber Security.

View full post on National Cyber Security

Belgrade #Suspect #Arrested over Being #Part of #Hackers’ Group ‘The #Dark #Overlord’

Officials from Serbia recently detained a Belgrade resident who’s doubted as belonging to a hacking group named DarkOverlord or The Dark Overlord.

The resident, a man aged 38, uses the initials “S.S” for his name and is a Belgrade citizen.
Except for these, nothing about his identity is known.

The Federal Bureau of Investigation has kept silent giving no remarks about the arrest. However, Serbian officials state they executed the detention when they were conducting an operation for exposing the people using the moniker “The Dark Overlord” online.

Running active from 2016, DarkOverlord has gained notoriety for hacking schools and medical providers to seize their personal files followed with blackmailing the institutions into paying money if they don’t want their information to be sold on the underground world. Earlier, the hackers had apparently seized addresses, phone numbers and Social Security Numbers belonging to innumerable medical patients that could’ve been utilized for committing ID-theft. In.pcmag.com posted this, May 17, 2018.

Beginning from June 2016, The Dark Overlord infiltrated the systems of 50-or-so victims, stealing a variety of data such as intellectual property and crucial health information followed with demanding ransoms in exchange of leaving the filched data safe.

The hackers’ syndicate is well-known with regards to executing one cyber-crime series spanning 2-yrs and comprising extortion along with hacking followed with revealing episodes contained in a Netflix sequence namely “Orange-is-the-New-Black” and also breaking into U.S. school computers as well as threatening the country’s students with murder.

At times the crooks weren’t satisfied with hacking they’d start physical violence threat against the hacked entities. During 2017, an infamous campaign carried out in USA included breach of systems of high schools and then theft of personal data to be followed with holding those data for ransoms. And in case the schools did not pay up, the gang would find out the contact details of staff and students from the filched data and then threaten them.

It’s not clear whether The Dark Overlord group consists of one person or several individuals. However on Twitter, it frequently uses the words “us” and “we” as reference to the gang while blackmailing hacked victims.


The post Belgrade #Suspect #Arrested over Being #Part of #Hackers’ Group ‘The #Dark #Overlord’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year

Source: National Cyber Security – Produced By Gregory Evans

Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year

The past year saw a 2,502 percent increase in sales of ransomware on the dark Web, from just under $250,000 to more than $6.2 million, according to a recent Carbon Black report.

“This increase is largely due to a simple economic principle — supply and demand,” the report states. “Cyber criminals are increasingly seeing opportunities to enter the market and looking to make a quick buck via one of the many ransomware offerings available via illicit economies.”

There are now more than 6,300 dark Web marketplaces selling ransomware, with 45,000 product listings priced from $0.50 to $3,000, and a median price of $10.50.

“Based on our research, ransomware can no longer be perceived as petty criminals performing stick-ups and kidnappings,” Carbon Black security strategist Rick McElroy said in a statement. “Instead, ransomware has become a rapidly growing, cloud-based black market economy focused on destruction and profit.”

“Today, legitimate enterprises avoid heavy investments in infrastruture — and hackers are no different,” McElroy added. “In fact, with ransomware, hackers have set a model for a cloud-based, high-profit and effective turnkey service economy.”

A Growing Threat

A recent Crowd Research Partners survey of 516 cyber security professionals, commissioned by Cybersecurity Insiders, found that while 80 percent of respondents view ransomware a moderate or extreme threat, only a small fraction say they would pay the ransom or negotiate with attackers.

The most common ransomware infection vectors, the survey found, are from employees opening malicious email attachments (73 percent), responding to a phishing email (54 percent), or visiting a compromised website (28 percent).

The most effective way of blocking ransomware, respondents said, is user awareness (77 percent), followed by endpoint security solutions (73 percent) and patching operating systems (72 percent).

Fifty-one percent of respondents are only slightly to moderately confident of their organization’s ransomware defenses, and 39 percent say it would take as long as a few weeks to recover from an attack.

“In many respects, ransomware is a game changer,” Cybersecurity Insiders founder and CEO Holger Schulze said in a statement. “It is incredibly easy and inexpensive for cyber criminals to execute highly profitable attacks on a global scale.”

No Defenses

A separate Magnet Networks survey of 205 companies in Ireland found that fully 48 percent of respondents have no cyber security policy in place. Another 27 percent either said they’re completely unsecure or their security needs tightening.

“We found that only 13 percent of respondents think that their business is very secure — and in the absolute world of cyber attacks you are either totally secure or you are vulnerable in some way,” Magnet Networks cyber security expert James Canty said in a statement.

In 72 percent of companies with under 10 employees, network security is handled either by the business owner, the office manager, or in 9 percent of cases, no one at all.

That means that as many as 171,000 Irish businesses, Canty said, “have no one qualified looking after their network security and may not be protected against a ransomware and cybercrime industry which is growing at a rapid rate.”


The post Ransomware Sales on the Dark Web Surged by 2,502 Percent in the Past Year appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

‘Did you know your electronic health records can sell for as much as €40 on the dark web?’

Source: National Cyber Security – Produced By Gregory Evans

AS THE PERSONAL details of half of all Americans are stolen, Ronan Murphy asks how prepared is Ireland to face the €1.6 trillion cyber-threat? The breach at US credit reporting company Equifax is one of the biggest to date. Sometime in late July, cyber criminals infiltrated their supposedly secure system to steal…

The post ‘Did you know your electronic health records can sell for as much as €40 on the dark web?’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers can buy the new ‘Disdain’ exploit kit for as little as £60 on the dark web

Source: National Cyber Security – Produced By Gregory Evans

For just over £60 per day, tech-savvy criminals can now buy access to a new exploit kit (EK) which has been designed to remotely infect computers, experts have warned. Known as “Disdain”, the hacking tool was recently put up for sale on an underground Russian forum hosted on the dark…

The post Hackers can buy the new ‘Disdain’ exploit kit for as little as £60 on the dark web appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures