Tag: Expanding | SpinSafe

The Dark Web Is Expanding (As Is the Value of Monitoring It)

August 7, 2023/in Internet Security

Many security professionals today associate the Dark Web with named leaks, which are leaked credentials from employee password reuse. This is still a relevant threat; in the last six years, the Flare platform has counted over 12 billion leaked credentials. The Dark Web is rapidly growing along with the variety of cybercrime. So is the value in monitoring it.

The cybercrime ecosystem now not only includes private communications platforms like I2P and Tor but also reaches across clear websites and Telegram channels.

Dark Web Monitoring: What to Watch For

There is tangible value in monitoring the Dark Web for potential risks. Following are some of the threats you might encounter.

Infostealer Malware

Stealer logs with corporate access are likely one of the most significant vectors for data breaches and ransomware attacks today.

Infostealer variants such as RedLine, Raccoon, Vidar, Titan, and Aurora infect computers, then exfiltrate the browser fingerprint containing all the saved passwords in the browser. Threat actors then sell the results on Dark Web marketplaces or Telegram channels.

Screenshot of a threat actor promoting RedLine stealer malware

These logs are then used for account takeover attacks, stealing cryptocurrency, or as initial access for ransomware attacks. Flare monitors more than 20 million infostealer logs and is adding 1 million new logs per month, many of which contain credentials to multiple corporate applications. We believe that somewhere between 2% and 4% of logs contain access to corporate IT environments that could pose significant risk if compromised.

To detect malicious actors distributing stealer logs across the Dark Web and Telegram, companies can monitor for any logs that contain an internal corporate domain access, such as sso.companyname.com.

Initial Access Brokers

Initial access brokers (IABs) are active across Dark Web forums, such as XSS and Exploit.in. IABs establish initial access to companies, which they resell in auction and forum threads, typically for $10,000 to $500,000 per listing, depending on the company and level of access. A listing usually contains:

Number of devices and services compromised
Industry of the victim company
Antivirus or endpoint…

Source…

GBT is Expanding its Cybersecurity R&D Efforts with the goal of Developing Threat Intelligence Technology

September 8, 2022/in Mobile Security

News and research before you hear about it on CNBC and others. Claim your 1-week free trial to StreetInsider Premium here.

SAN DIEGO, Sept. 08, 2022 (GLOBE NEWSWIRE) — GBT Technologies Inc. (OTC PINK: GTCH) (“GBT” or the “Company”), is expanding its cybersecurity research and development efforts with the goal of developing threat intelligence technology. The Company intends to invest further R&D resources to detect and track ever-evolving, global, cyber threats and to provide real time, automated incident response and remediation. Cyber incidents have become a big data challenge. A significant amount of data requires rapid analysis to make a decision and take a proper action; quickly. GBT is seeking to develop advanced security algorithms and techniques to evaluate the nature, severeness and possible impacts of threats, providing intelligent categorization and prioritization to make accurate decisions, and taking the necessary actions. The planned technology will proactively hunt for hidden threats that have bypassed security mechanisms with deep learning algorithms to investigate suspicious threats, predicting possible incidents, and prepare ahead-of-time responses. The Company plans to develop a global platform that can handle the necessary huge data capacity and have an intelligent skillset to handle complex security incidents. The Company is seeking to develop a system that will have the ability to be fully automated, within global networks and cybersecurity systems, monitoring, predicting, detecting and responding to threats targeting individuals and businesses, 24/7. The goal of GBT’s planned automated security system will be to significantly strengthen defenses and resilience against cyber criminals.

“Cybersecurity incidents are constantly on the rise and we are preparing an intelligent solution with the goal of addressing malicious attacks against individuals, businesses and governmental institutions. With today’s vast amount of information, cyber threats are becoming a big data case. Networks, sensitive apparatus, industrial systems and personal devices are operating with huge data and bandwidths which makes it harder to detect, identify and differentiate…

Source…

Rising Popularity of IoT: Expanding Challenges for Security Leaders

December 7, 2021/in Computer Security

Read Article

By Argha Bose, Head Cyber Security and Risk Business, TATA Advanced Systems Limited- Cyber Security Practice

Security risks in the world of IoT or the Internet of Things are constantly on the rise with the growth in its popularity. Although IoT has provided businesses with opportunities to create more value and improve efficiencies, the continual connectivity (along with constant information sharing) has provided adversaries with options to compromise the integrity and confidentiality of sensitive data. Consequently, the risks have grown significantly.

There is a broad range of smart devices available nowadays, which are being widely used by individuals in every business vertical. These connected devices include Alexa-enabled digital assistants, smartwatches/fitness bands, smart bulbs, etc. While, if we talk about IoT technology on the industrial level, multiple organizations had already incorporated IIoT and are reaping its benefits. For instance, Magna Steyr, an Austrian automotive manufacturer, is using the concept of smart factories to offer production flexibility. Also, ABB, a power and robotics firm, is utilizing connected, low-cost sensors to observe the maintenance of its robots to timely repair parts before they go down.

I believe that the adoption of IoT & IIoT will keep increasing with time. It is expected that the total number of IoT devices globally will reach 30.9 billion by 2025 (Source: Statista), while the global IIoT market is projected to reach USD 1.1 trillion by 2028 (Source: Grand View Research). Hence, it becomes important for us to step up and understand the security challenges of IoT technology so that the defence can be strengthened.

IoT: Things of Benefit for Threat Actors
Cyber attacks are not new to IoT, the difference is that they are becoming complex than before along with the increasing IT threat landscape. Threats actors view connected devices as an extremely valuable asset because of several reasons, including:

• Interoperability Issue: Industrial IoT (IIoT) environments usually include numerous devices, software, hardware and legacy equipment, which were primarily not designed to work collaboratively. This engenders a…

Source…