While the dark web offers a haven for criminals and serves as inspiration for Hollywood blockbusters, it’s much more mundane in real life. Still, many businesses feed into the fallacies surrounding the dark side of the Internet, ultimately delaying their ability to protect employees and consumers.
We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime.
Data breaches are almost always a catastrophic event for privacy and security. Not only can millions of people end up with their personal data exposed, but these breaches can also spiral even further out of control once hackers start testing leaked passwords and email addresses on other platforms.
"The City of Knoxville is aware that the threat actor is publishing city data acquired in the attack," the city says. The group that hijacked the city of Knoxville's computer network system last month has begun posting personal data files of employees on the dark web.
The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. The company has confirmed that it was hit with a cyberattack without providing specific information on the type of compromise, but AppGate’s security researchers, who have obtained a sample of the malware believed to have been used in the attack, are confident that the incident involves the Sodinokibi ransomware.
A database of 384,319 BMW car owners in the U.K. is being offered for sale on an underground forum by the KelvinSecurity Team hacking group, according to KELA, a darknet threat intelligence firm, based in Tel Aviv.
Attackers who used the Nefilim ransomware, that works on Windows systems, to attack appliance maker Fisher & Paykel have posted links to a second lot of documents which were stolen from the company during the attack, security sources have told iTWire.