A quick glimpse of operations on the dark web. “'Fullz' is a slang term used by cybercriminals trading in stolen data," Barracuda’s Tony Burgess writes. "It refers to data packages that contain full sets of data needed to steal someone’s identity ..." [3 min. read] https://bryl.link/13h #cybersecurity #stolendata
#StolenData
(trustwave.com) Babuk2 Bjorka: The Evolution of Ransomware for 'Data Commoditization'
I have long awaited the moment when RaaS-operators and the ecosystem surrounding it would start to really dig through the data and find the juicy bits.
I know that Ransomhub have been quite good at making the data browsable but perhaps this "new" group is spearheading a new modus or trend.
Short Summary:
Trustwave SpiderLabs has uncovered a significant evolution in ransomware operations through their investigation of the apparent revival of the Babuk ransomware group. Rather than finding a traditional ransomware operation, they discovered a sophisticated threat actor named Bjorka who has transformed the ransomware model into an industrial-scale data commoditization enterprise. Bjorka is recycling previously leaked data from other ransomware groups and selling it through multiple platforms while impersonating the Babuk brand (as Babuk2).
🧵 …AI needs slavery to classify stolen data:
«Labelers training AI say they're overworked, underpaid and exploited by big American tech companies:
[…] Like modern day slavery, says Nerima Wako-Ojiwa, a Kenyan civil rights activist, because big American tech companies come here and advertise the jobs as a ticket to the future. But really, she says, it's exploitation. […]»
#ai #america #kenya #africa #slavery #us #usa #overwork #stolendata #expoitation
BreachForums Reappears After Law Enforcement Seizure
Date: May 28, 2024
CVE: N/A
Vulnerability Type: Data Breach
CWE: N.A.
Sources: cybersecuritynews.com Dark Web Informer
Issue Summary
BreachForums, a notorious platform for trading stolen data, has resurfaced after being seized by the FBI and international law enforcement on May 15, 2024. The site, which had previously facilitated the sale of stolen personal and corporate data, was taken down as part of a coordinated effort to combat cybercrime. Despite the seizure and arrest of key operators, the forum quickly re-emerged, causing significant concern among cybersecurity professionals.
Technical Key Findings
BreachForums operated by allowing cybercriminals to buy, sell, and trade stolen data, including personal details, financial records, and login credentials. The FBI's seizure involved taking control of the site's servers and backend data, potentially exposing the identities of forum users through collected IP addresses, email addresses, and private messages. The forum primarily targeted data from various sectors, including personal user information, corporate data, and government-related data breaches. Specific recent breaches involved data from Europol and Dell.
Impact Assessment
The re-emergence of BreachForums indicates a persistent threat to data security, with potential increases in data breaches and the dissemination of stolen information.
Patches or Workaround
N.A.
Tags
#DataBreach #Cybercrime #BreachForums #StolenData #FBI #CyberSecurity #DataProtection #Europol
AI is stolen public data, AI is not ownable as a product, its use must be regulated as a public good, a public utility, owned both cooperatively and as a regulated utility.
AI is theft only if AI is owned privately. End the pretence of AI ownership.
Like "owning" the wallet of Batman's father, or "discovering" America.
20M User Data Breach Reported by #PeopleConnect
Data for 20.22 million potential #TruthFinder and #InstantCheckmate users breached.
https://www.cysecurity.news/2023/02/20m-user-data-breach-reported-by.html
#DataBreach #Breach #StolenData #BackgroundChecks
#LockBit gang claims it stole data from French Ministry of Justice. #LockBit is threatening to leak stolen documents, but the ransomware gang has a reputation for crying wolf.
https://www.zdnet.com/article/french-officials-investigating-lockbit-claim-of-ransomware-attack/#ftag=RSSbaffb68
#France #security #stolendata
Japanese Aerospace Firm Kawasaki Warns of Data Breach - The Japanese aerospace manufacturer said that starting in June, overseas unauthorized access to it... https://threatpost.com/japanese-aerospace-firm-kawasaki-warns-of-data-breach/162642/ #kawasakiheavyindustries #compromiseddata #customerdata #databreach #stolendata #kawasaki #breach #hacks
PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers - Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently... https://threatpost.com/please_read_me-ransomware-mysql-servers/162136/ #ransomwareextortion #vulnerabilities #compromiseddata #please_read_me #cyberattack #ransomware #stolendata #ransom #server #hacks #mysql
Post-Breach, Peatix Data Reportedly Found on Instagram, Telegram - Events application Peatix this week disclosed a data breach, after user account information report... https://threatpost.com/breach-peatix-data-instagram-telegram/161560/ #credentialstuffing #passwordspraying #useraccountdata #phishingattack #websecurity #databreach #stolendata #instagram #telegram #breach #peatix #hacks
Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut - A report on the underground economy finds that malicious actors are offering cloud-based troves of... https://threatpost.com/cybercrime-cloud-accelerate-attacks-data-glut/161243/ #mostrecentthreatlists #undergroundeconomy #cloudacceleration #credentialtheft #cloudsecurity #cloudsoflogs #cyberattacks #monetization #payforaccess #websecurity #cybercrime #databreach #stolendata #trendmicro #datacache #darkweb #breach
Animal Jam Hacked, 46M Records Roam the Dark Web - Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent commu... https://threatpost.com/animal-jam-hack-data-breach/161177/ #gamingattacks #parentemails #websecurity #cyberattack #hackerforum #userrecords #databreach #ransomware #stolendata #animaljam #minecraft #wildworks #kidsgame #password #phishing #darkweb #breach #gaming #hacks #hack
Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic - Following a Nov. 3 ransomware attack against Campari, Ragnar Locker group took out public Facebook... https://threatpost.com/ragnar-locker-ransomware-facebook-ads/161133/ #ransomwareattack #doubleextortion #ragnarlocker #facebookads #ransomware #stolendata #facebook #malware #campari #breach #hacks
$100M Botnet Scheme Lands Cybercriminal 8 Years in Jail - Aleksandr Brovko faces jail time after stealing $100 million worth of personal identifiable inform... https://threatpost.com/100m-botnet-russian-cybercriminal-8-years-jail/160852/ #personalidentifiableinformation #russiancybercriminal #departmentofjustice #vulnerabilities #aleksandrbrovko #hackerjailtime #financialdata #stolendata #malware #darkweb #botnet #hacker #hacks #hack #pii
‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass - Fraudulent Facebook messages allege copyright infringement and threaten to take down pages, unless... https://threatpost.com/copyright-violation-facebook-2fa-bypass/160690/ #copyrightviolationemail #twofactorauthentication #copyrightviolation #phishingemail #websecurity #credentials #stolendata #2fabreach #2fabypass #facebook #phishing #2facode #scam #2fa
Stolen data of company that refused REvil ransom payment now on sale - A comment from one buyer of data purportedly from Brooks International: "It even has credit card n... more: https://nakedsecurity.sophos.com/2020/03/23/stolen-data-of-company-that-refused-revil-ransom-payment-now-on-sale/ #brooksinternational #securitythreats #hackingforums #ransomware #sodinokibi #stolendata #gandcrab #malware #revil #sodin #raas
FBI seizes credentials-for-sale site WeLeakInfo.com - The FBI has seized the domain for WeLeakInfo.com, a site that sold breached data records, after a ... more: https://nakedsecurity.sophos.com/2020/01/20/fbi-seizes-credentials-for-sale-site-weleakinfo-com/ #credentials-for-sale #stolencredentials #securitythreats #northernireland #weleakinfo.com #netherlands #databreach #stolendata #law&order #dataloss #dataleak #fbi #uk #us
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst