Inexperienced Malicious Actors Leak Data about Themselves
There has been a flurry of news reports about malicious actors taking advantage of the COVID-19 pandemic to steal personal and financial information from victims. Bleeping Computer recently reported that malicious actors were sending fake invitations to get vaccinated by the UK National Health Service. To receive their vaccine, the victims were asked to share […]
The Russians or the Victims: Who’s to Blame for Carding?
Whenever Russians are mentioned in a story about the criminal underground, they were most likely part of some illicit activity. A few years ago, Russians appeared to be deeply involved in spam campaigns and sending illicit pharmaceuticals online. More recently, there have been increasing mentions of Russians participating in ransomware distribution, as well as in […]
What Are Malicious Actors Secretly Doing with Your Data?
A well-known malicious actor recently published on a forum the information of millions of customers of a popular T-shirt printing service. While no passwords were leaked, the criminal did publish the email addresses and personal information (names, addresses, and phone numbers) of millions of people. Why is this leak significant? First, this basic information is […]
Human Error Triggers Ransomware Attack, Largest Healthcare Security Breach in Sask.’s History
Some time between December 2019 and January 2020, eHealth Saskatchewan, the province-wide health delivery service, fell victim to a Ryuk crypto-ransomware attack, exposing the personal and medical information of more than 500,000 people. According to Ron Kruzeniski, Saskatchewan’s Information and Privacy Commissioner, the incident has been declared the largest data breach in the province’s history. […]
Another one bites the dust: goodbye Joker’s Stash. What’s next?
Last week DarkMarket, the second largest dark web marketplace, was shut down by law enforcement in Europe. This takedown is the result of increasing joint efforts to take down dark web facilitated crime. Some dark web market administrators are taking notice, and deciding to retire on their own terms, before the police come knocking on […]
DarkMarket Shut Down by Law Enforcement: New Lessons Learned
Over the weekend, German law enforcement shut down DarkMarket, a dark web marketplace, and arrested its administrator, an Australian living in Europe. According to the official press release, DarkMarket had: almost 500,000 users; more than 2,400 sellers; over 320,000 transactions; more than 4,650 bitcoin and 12,800 monero transferred for a total of CAD$217 million in […]
Malicious Actors Show Little Interest in Automotive Source Code Leak
Technical data leakage strikes again, this time affecting a major manufacturer in the automotive industry. Bleeping Computer reported this week that a misconfigured Git server has leaked source code from Nissan North America. The server had been secured with a default username and password, respectively admin:admin. It contained 20GB of data including code for mobile […]
U.S. Capitol Riots: What May Happen After the Physical Penetration of A Network
Recent events at the Capitol in Washington D.C. were condemned for their impact on the democracy of the United States. What was much less discussed, however, is their impact on the integrity of U.S. government networks and databases. Data Breach Today reported this week that: Computers in [Speaker of the House] Nancy Pelosi’s office were […]
Our Take on the Top 5 Predictions for 2021
Every December, analysts make predictions about the key events in the following months. These lists range from the most obvious (ex. ransomware will be a big risk in the next 12 months) to the most industry insider (ex. investments in endpoint security cloud services from Europe precisely will grow by 2.4%), which may be of […]
What do fraudsters want for Christmas in 2020?
‘Tis the season to be jolly, even though this year has been a challenge, to say the least. While some are thinking about end of year reports and others are looking ahead for a hopeful 2021, fraudsters remain active on dark web marketplaces. What is the criminal underground doing this holiday season? Our team investigated […]
