

Ilia Kolochenko
Founder and CEOfeature_status*/ ?>
ImmuniWeb
Comments Dotted :
54
November 23, 2020
At ImmuniWeb, we have started to see proposals on the Dark Web related to implementation and maintenance of Machine Learning models.
Cybercriminals have been leveraging Machine Learning (ML) and Artificial Intelligence (AI) for years already. Thanks to the growing abundance of different Machine Learning frameworks and data processing available at a very affordable price, Machine Learning has become omnipresent and easily accessible even to small cyber gangs.
At ImmuniWeb, we have started to see proposals on the Dark Web related to implementation and maintenance of Machine Learning models for a wide spectrum of criminal.....Read More

August 12, 2020
The volume of personal data available in web forums is huge.
Combined with the peak of summer holidays and Covid-19 disruption, this vulnerability may have quite disastrous and long-lasting consequences compared to similar ones disclosed in the past. The volume of personal data available in web forums is huge. Attackers will launch large-scale and automated hacking campaigns to later run password re-use and identity theft attacks, and extort money from those victims whose sensitive data was exposed in the forum’s private messages for example.
Worse,.....Read More

July 29, 2020
Less sophisticated gangs may use black SEO or even lawful DMCA takedown requests to make legitimate websites disappear from Google.
The situation we observe at ImmuniWeb is largely exacerbated by SMBs' insecure websites. Frequently, fraudsters swiftly take control of outdated WordPress or Drupal websites, and modify phone numbers and email addresses listed there. Then it becomes virtually impossible to recognize the fraud for would-be lenders. Worse, such security incidents maybe later assigned to the victimized business owners as a negligent failure to protect their business, making them liable for fraudulent transactions.....Read More

July 13, 2020
The statements made by the intruders should be thoroughly investigated and assessed prior to making any conclusions.
Cybercriminals are increasingly targeting MSPs and trusted third-parties including cybersecurity companies as recently highlighted by the US Secret Service. Modern cyber gangs prefer the indirect approach to frontal attacks given that it is usually faster, easier and much less risky.
This specific case, however, seems to be a personal revenge incident primarily directed to damage reputation of the allegedly breached cybersecurity firm. The statements made by the intruders should be thoroughly.....Read More

June 22, 2020
The eventual outcome of this leak will likely have disastrous effects for many innocent people.
The eventual outcome of this leak will likely have disastrous effects for many innocent people. First, it will likely inflict irreparable reputational, financial and even physical harm to suspects and people charged with crimes who later were acquitted in a court of law.
Furthermore, it will jeopardize legally protected people, like witnesses, who helped investigators convict dangerous criminals. The disclosure will now literally cause the death of the witnesses if their identity is revealed.....Read More

June 22, 2020
Large scale phishing campaigns is a matter of daily routine.
Large scale phishing campaigns is a matter of daily routine. Some of them involve 0day vulnerabilities, or very recent and not yet patched vulnerabilities, while most of them have carefully selected contacts stolen from various sources or purchased on the Dark Web. There, you have readily available contacts of hundreds of millions of people available for sale, including recent law enforcement databases and governmental resources. Five millions contacts can be located in one day with a web.....Read More

June 18, 2020
These attacks are particularly dangerous because they aptly leverage inherent human weaknesses.
Financially motivated cyber gangs and nation-state threat actors have been successfully exploiting HR for many years to steal valuable trade secrets and conduct economic espionage. These attacks are particularly dangerous because they aptly leverage inherent human weaknesses.
Often, you don’t even need any hacking but to stumble upon a talkative or disgruntled employee who will readily share a great wealth of confidential information either unwittingly or maliciously.
Amid the pandemic, the .....Read More

June 09, 2020
It is nonetheless perfectly possible to identify the “heart and the brain” of the system.
Modern enterprises are characterized by a skyrocketing complexity of their IT infrastructure that may be dispersed across a hundred of countries and maintained by thousands of third parties. On one side, this makes organizations extremely vulnerable and susceptible to cyber-attacks such as ransomware, which exploit shadow IT devices, unprotected cloud and abandoned servers as an entry point into their victim’s premises. On the other side, however, this convoluted intricacy makes global attack .....Read More

June 03, 2020
Organizations have limited visibility of their 'attack surface', including corporate data.
An Interesting trend that one may observe in today's cybercrime landscape are fake threats to publish allegedly stolen data. Many organizations, whose business largely depends on its reputation, are well prepared to pay a fortune to avoid negative publicity.
Another relatively new but rapidly growing scenario is exaggeration of nature or value of data stolen and encrypted by a ransomware. Organizations have limited visibility of their 'attack surface', including corporate data which is.....Read More

May 28, 2020
Many young people were earning their living by doing some ad hoc programming and other IT work.
I think it’s a false plummet that substantially stems from a rapid proliferation of amateur and unskilled cybercriminals. Many young people were earning their living by doing some ad hoc programming and other IT work. With the pandemic, demand for their services crashed, leaving them without a choice but to join the dark side. Unsurprisingly, their cheap services are often of substandard quality, while when dealing with goods such as credit cards you will likely pay for blocked or expired.....Read More
