Join our followers
DarkSide extracts $4.4m ransom from German chemical distribution company
Sunday, May 16, 2021
All these stolen login credentials belonging to Fortune 500 companies were found pasted on resources within the TOR network, across various web forums, Pastebin, IRC channels, social networks, messenger chats and many other locations notorious for offering, selling or distributing stolen or leaked data," ImmuniWeb said.
"These numbers are both frustrating and alarming. The great wealth of stolen credentials accessible on the Dark Web is a modern-day Klondike for mushrooming threat actors who don’t even need to invest in expensive zero-day or time-consuming APTs. With some persistence, they easily break-in being unnoticed by security systems and grab what they want. Worse, many such intrusions are technically uninvestigable due to lack of logs or control over the breached [third-party] systems," said Ilia Kolochenko, CEO and Founder of ImmuniWeb.
"In the era of cloud, containers and continuous outsourcing of critical business processes, most organizations have lost visibility and thus control over their digital assets and data. You cannot protect what you don’t see, likewise you cannot safeguard the data if you don’t know where it’s being stored and who can access it. Third-party risks immensely exacerbate the situation by adding even more perilous unknowns into the game.
"A well-thought, coherent and holistic cyber security and risk management programme should encompass not just your organisation but third parties in a continuous and data-driven manner," he added. Read Full Article
CPO Magazine: France’s Largest Insurer Will No Longer Cover Ransomware Payments
Infosecurity Magazine: AXA to Stop Reimbursing Ransom Payments
