What to do if your company was mentioned on Darknet?

Every year is abundant with major data leaks, biggest data breaches and hacks drawing massive media attention.
While the darknet does facilitate the sale of diverse data types, for example, bank card information, driver licenses and ID photos, etc.
As a result of our research, we found out that 223 in 700 companies were mentioned across Darknet in different data breach-related topics.
Statistically, it means that every third company was referenced in dark web posts associated with the sales of data or access, while from the news we know that even the companies with high cybersecurity maturity level were hacked.
Further in the article, we present a statistical overview encompassing all dark web posts regarding the sale, purchase, or free distribution of compromised accounts, data sourced from breaches, and corporate accesses spanning January 2022 to November 2023.
A data breach exposes confidential, sensitive information and can cause major problems.
The most common example are databases and internal documents, since every company of all sizes operate with confidential data which has a price.
The leaks can affect the company itself, the employees, and the customers.
According to Kaspersky DFI Portal, around 1,700 unique posts appeared on Darknet every month related to sale, distribution, or purchase of data breaches.
Other popular type of recirculating leakages are databases with scraped public data, such as names, profiles IDs and emails, from popular social networks.
Another popular type of data sold on Darknet is infrastructure accesses.
The reason for the infrastructure accesses popularity is simple: complex attacks almost invariably include several phases, such as reconnaissance, initial access to the infrastructure, gaining access to target systems and/or privileges, and the actual malicious acts.
For a business that wants to mitigate the risks related to infrastructure access sale, the very first challenge is to get to know about the sale.
The huge difference of this data type compared to other types is that cybercriminals prefer not to mention the company's name in the message so not to lose the access.
A few examples of forum messages with companies' attributes.
Typically, hacked access to corporate infrastructure includes accounts for a corporate VPN service and some servers or hosts in the internal networks.
There is another category of data which is a real find for gaining initial access - compromised accounts.
They still can do it if they do not need the data anymore and want to level up their rate among cybercriminal community on a specific darknet forum.
All three types of leaked credentials threaten companies since, despite prohibitions, employees use corporate email addresses to register on third-party websites.
In a typical scenario, company employees are using the same passwords for external services and for corporate resources, which can help cybercriminals to get unauthorized access to the corporate infrastructure.


This Cyber News was published on securelist.com. Publication date: Tue, 12 Dec 2023 10:13:05 +0000


Cyber News related to What to do if your company was mentioned on Darknet?

What to do if your company was mentioned on Darknet? - Every year is abundant with major data leaks, biggest data breaches and hacks drawing massive media attention. While the darknet does facilitate the sale of diverse data types, for example, bank card information, driver licenses and ID photos, etc. ...
10 months ago Securelist.com
Revenue from Darknet Markets Dropped to 13 Billion in 2022 - The amount of money earned by darknet markets decreased from $2.6 billion in 2021 to $1.3 billion in 2022, according to a new study. Researchers from blockchain analysis firm Chainalysis attributed much of the decline to the closure of Hydra Market, ...
1 year ago Therecord.media
A Cybersecurity Risk Assessment Guide for Leaders - Now more than ever, keeping your cyber risk in check is crucial. In the first half of 2022's Cyber Risk Index, 85% of the survey's 4,100 global respondents said it's somewhat to very likely they will experience a cyber attack in the next 12 months. ...
1 year ago Trendmicro.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
US Man Jailed 8 Years for SIM Swapping and Apple Support Impersonation - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
11 months ago Hackread.com
Is it possible to use an external SSD to speed up your Mac - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
9 months ago Hackread.com
Defend Your Business: Testing Your Security Against QakBot and Black Basta Ransomware - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
5 months ago Securityboulevard.com
How to Temporarily Deactivate Instagram? - Instagram is an amazing social platform where you can stay in touch with your friends and influencers, but sometimes it can be too much. If Instagram has become too distracting or overwhelming for you to use effectively-whether for mental peace, ...
10 months ago Hackercombat.com
What is Biometric Security? Your Body Becomes Your Key - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
9 months ago Hackersonlineclub.com
Lee County student Chromebooks hacked in 'Cyber Monday prank' - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Nbc-2.com
Google to Delete Inactive Gmail Accounts From Today - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Particle Network's Intent-Centric Approach Aims to Simplify and Secure Web3 - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Stellar Cyber Bridges Cybersecurity Skills Gap with First-of-Its-Kind University Program - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard APT - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Int'l Dog Breeding Org WALA Exposes 25GB of Pet Owners Data - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
11 months ago Hackread.com
Q3 2023 Cyber Attacks Statistics - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackmageddon.com
Fake Lockdown Mode Exposes iOS Users to Malware Attacks - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Adobe ColdFusion Flaw Used by Hackers to Access US Govt Servers - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
11 months ago Hackread.com
Cryptocurrency losses reach $1.75 Billion in 2023; CeFi and Hacks Blamed - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
New XorDdos-Linked Linux RAT Krasue Targeting Telecom Firms - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Hacker IntelBroker Leaks Alleged Sensitive US DoD Documents - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
10 months ago Hackread.com
Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
10 months ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)