Tag: dark-web
-
Massive Cyberattack Hits Italian Hotels: Tens of Thousands of Passports Stolen and Sold on the Dark Web
The Italian Agency for Digitalization (Agid) has confirmed a large-scale cyberattack targeting hotel servers across Italy. Tens of thousands of high-resolution scans of identification documents, such as passports and ID cards, have been stolen and are now being illegally sold on the dark web. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/agid-confirms-italy-hotel-hack/
-
Kimsuky APT Exposed: GPKI Certificates, Rootkits, and Cobalt Strike Assets Uncovered
A comprehensive operational dump from the North Korean Kimsuky APT organization, also known as APT43, Thallium, or Velvet Chollima, appeared on a dark web forum in an uncommon instance of state-sponsored cyber espionage. This leak, comprising virtual machine images, VPS dumps, phishing kits, rootkits, and over 20,000 browser history records, provides an unparalleled glimpse into…
-
New macOS Installer Boasts Lightning-Fast Data Theft, Marketed on Dark Web
A novel macOS infostealer malware, designated as Mac.c, has emerged as a formidable contender in the underground malware-as-a-service (MaaS) ecosystem. Developed openly by a threat actor operating under the pseudonym "mentalpositive,"…
-
Dialysis Chain Tells Feds Hack Affects Nearly 2.7 Million
Stolen DaVita Data Leaked on Dark Web by Ransomware Gang Interlock. Months after cybercriminal gang Interlock claimed to have stolen more than 1.5 terabytes of patient data from kidney dialysis chain DaVita, the company told federal regulators that the cyberattack first disclosed in April has affected nearly 2.7 million people. First seen on govinfosecurity.com Jump…
-
BQTLOCK Ransomware-as-a-Service Emerges, Boasting Sophisticated Evasion Tactics
Ransomware-as-a-Service (RaaS) models continue to democratize sophisticated attacks in the ever-changing world of cybercrime by allowing affiliates with little technical know-how to distribute ransomware through profit-sharing or subscription models. A newly identified strain, BQTLock, has emerged since mid-July 2025, operating under this RaaS paradigm and marketed aggressively on dark web forums and Telegram channels. Overview…
-
Colt Admits Customer Data Likely Stolen in Cyber-Attack
Colt customers can request a list of filenames posted on the dark web via a dedicated call center. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/colt-customer-data-likely-stolen/
-
Colt changes tune, admits data theft as Warlock gang begins auction
Worried about your data? Not to worry, we’ll check the dark web for you! Yes really First seen on theregister.com Jump to article: www.theregister.com/2025/08/21/colt_warlock_auction/
-
Police & Government Email Access for Sale on Dark Web
Cybercriminals are auctioning off live email credentials, giving other criminals access to sensitive systems, confidential intelligence, and, potentially, a higher success rate than ever. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/government-email-sale-dark-web
-
US reveals it seized $1 million worth of Bitcoin from Russian BlackSuit ransomware gang
The United States Department of Justice has revealed that the recent takedown of the BlackSuit ransomware gang’s servers, domains, and dark web extortion site, also saw the seizure of US $1,091,453 worth of cryptocurrency. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-reveals-it-seized-1-million-worth-of-bitcoin-from-russian-blacksuit-ransomware-gang
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-day
New groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases. However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
How Insurers Use Threat Intelligence to Reduce Losses
Tokio Marine HCC Targets Vulnerabilities Before They’re Exploited. With ransomware incidents at record highs, Tokio Marine HCC integrates dark web monitoring, vulnerability scanning and incident data into its underwriting process to help clients close gaps and lower the chance of costly breaches. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/how-insurers-use-threat-intelligence-to-reduce-losses-a-29180
-
60 RubyGems Packages Steal Data From Annoying Spammers
A Dark Web antihero has been stealing and then reselling credentials from unsavory online characters. Their motives are questionable, but the schadenfreude is irresistible. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/60-rubygems-packages-steal-spammers
-
Flipper Zero Dark Web Firmware Cracks Rolling Code Security in Modern Cars
Security researchers have discovered alarming new firmware for the popular Flipper Zero device that can completely bypass the rolling code security systems protecting millions of modern vehicles. The breakthrough attack, demonstrated by YouTube channel Talking Sasquatch, represents a significant escalation in automotive cybersecurity threats, requiring only a single intercepted signal to compromise a vehicle’s entire…
-
Black Hat 2025 Recap: A look at new offerings announced at the show
Tags: access, ai, api, application-security, automation, chatgpt, cisco, cloud, compliance, control, crowdstrike, dark-web, data, detection, google, governance, group, identity, intelligence, LLM, malware, microsoft, monitoring, network, openai, password, risk, saas, service, soc, software, threat, tool, vulnerability, zero-trust
Snyk secures AI from inception: Snyk's new platform capability, Secure at Inception, includes real-time security scanning that begins at the moment of code generation or execution. It offers visibility into generative AI, agentic, and model context protocol (MCP) components in software, and also features a new, experimental scanner for detecting AI-specific MCP vulnerabilities. Secure AI Inception…
-
US confirms takedown of BlackSuit ransomware gang that racked up $370 million in ransoms
Two weeks ago, the ransomware gang’s darknet extortion sites were seized in an operation involving police from more than nine countries including Germany, France and the United Kingdom. First seen on therecord.media Jump to article: therecord.media/us-confirms-blacksuit-takedown
-
Hacking group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer
The cybercrime group D4rk4rmy added the Monte-Carlo Société des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the…
-
10 Best Dark Web Monitoring Tools in 2025
Choosing the right dark web monitoring tool is a critical decision for both individuals and organizations seeking to protect their digital assets and identity. With the dark web serving as a hub for illegal data trading, from leaked credentials to intellectual property, a robust monitoring solution is essential for proactive defense. The best tool for…
-
Qilin Ransomware Gains Momentum with Legal Assistance Option for Affiliates
The Qilin ransomware gang has introduced a "Call Lawyer" … "legal department"…
-
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter’s dark web infrastructure has been the subject of a law enforcement seizure. Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware landscape to conduct big-game hunting and double extortion…
-
Lionishackers Exfiltrate Sensitive Corporate Databases for Sale on the Dark Web
Outpost24’s threat intelligence researchers have uncovered the operations of Lionishackers, a financially motivated cyber threat actor specializing in the exfiltration and illicit sale of corporate databases. This group employs an opportunistic approach to target selection, with a notable preference for entities in Asian countries such as Thailand, Syria, and India. While primarily driven by profit,…
-
Leak Zone Dark Web Forum Breach Exposes 22 Million User IPs and Locations
A significant data breach has exposed sensitive information about users of Leakzone, a prominent dark web forum known for trading hacking tools and compromised accounts. Security firm UpGuard discovered an unprotected Elasticsearch database containing approximately 22 million web request records, revealing user IP addresses, geographical locations, and internet service provider details from visitors to the…
-
Security Affairs newsletter Round 534 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Law enforcement operations seized BlackSuit ransomware gang’s darknet sites Arizona woman sentenced for aiding North Korea…
-
Law enforcement operations seized BlackSuit ransomware gang’s darknet sites
An international law enforcement operation seized the dark web data leak site of the BlackSuit ransomware group. A banner on the BlackSuit ransomware group’s TOR data leak sites informs visitors that they were seized by U.S. Homeland Security Investigations in a global law enforcement operation. The notice features logos of 17 law enforcement agencies and…
-
After BlackSuit is taken down, new ransomware group Chaos emerges
As BlackSuit’s dark web site goes dark, Chaos is already around to pick up the slack. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/after-blacksuit-is-taken-down-new-ransomware-group-chaos-emerges/
-
BreachForums Resurfaces on Original Dark Web (.onion) Address
BreachForums resurfaces on its original .onion domain amid law enforcement crackdowns, raising questions about its admin, safety and future. First seen on hackread.com Jump to article: hackread.com/breachforums-resurface-original-dark-web-onion-address/
-
Operation Checkmate: BlackSuit Ransomware’s Dark Web Domains Seized
International law enforcement agencies, including the FBI and Europol, have successfully seized the infrastructure of the notorious BlackSuit ransomware gang in Operation Checkmate. This article details the takedown, BlackSuit’s origins, and the ongoing fight against evolving cyber threats. First seen on hackread.com Jump to article: hackread.com/operation-checkmate-dark-web-blacksuit-ransomware-seized/

