A new press release by Privacy Affairs offers an updated estimate about what we are worth on the dark web. The researchers’ Dark Web Price Index indicates: Online banking logins cost an average of $35 Full credit card details including associated data cost $12-20 A full range of documents and account details allowing identity theft can be…
Category: Commentaries and Analyses
Boffins find that over nine out of ten ‘ethical’ hackers are being a bit naughty when it comes to cloud services
Thomas Claburn reports: Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity. In a recent research paper titled “Cloud as an Attack Platform” [PDF], five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith…
If you’re despairing at staff sharing admin passwords, look on the bright side. That’s CIA-grade security
Shaun Nichols reports: The CIA was so focused on developing whizzbang exploit code, it left any thought of basic computer security principles on the kitchen counter before dashing off to work each morning. That oversight led to the super-agency inadvertently spilling its hacking tools ultimately into the hands of WikiLeaks, which duly disclosed details of the spies’…
North Korea’s state hackers caught engaging in BEC scams
Catalin Cimpanu reports: At the ESET Virtual World security conference on Tuesday, security researchers from Slovak antivirus maker ESET have disclosed a new operation orchestrated by the Pyongyang regime’s infamous state-sponsored hacker crews. Codenamed “Operation In(ter)ception,” this campaign targeted victims for both cyber-espionage and financial theft. Read more on ZDNet.
Warning issued over hackable security cameras
Amer Owaida reports: Around 3.5 million security cameras installed in homes and offices mainly in Asia and Europe have serious vulnerabilities that expose the gadgets’ owners to the risk that attackers will spy on them, steal their data or target other devices on the same networks, the United Kingdom’s consumer watchdog Which? has warned. “Brands with…
Lessons learned from the ANPR data leak that shook Britain
Ax Sharma reports: On April 28, 2020, The Register reported the massive Automatic Number-Plate Recognition (ANPR) system used by the Sheffield government authorities was leaking some 8.6 million driver records. An online ANPR dashboard responsible for managing the cameras, tracking license plate numbers and viewing vehicle images was left exposed on the internet, without any password or…