Jump to content
OpenSecurity.global

Leaderboard


Popular Content

Showing content with the highest reputation since 11/06/2019 in all areas

  1. 1 point
    This got more clear with a blog later in the day. https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/
  2. 1 point
    I've just released a new video Matthew Haynes and I put together on exposed RDP servers on the net and how we are seeing people get ransomwared via an initial RDP brute force or cred stuffing vector. Hopefully people find this useful, it's our first collaborative video and was a blast to make!
  3. 1 point
    What solutions exist for dark web monitoring? Both commercial and open-source (regardless of cost). I'd like to monitor for threat detections that may exist in dark web oriented communities by searching for any mentions of a company's name in third-party data breach leaks, dark web search engines, dark web forums, and dark web marketplaces. Money is no issue. For data dumps + credentials (don't shame me for calling these 'dark web' oriented): Have I Been Pwned API WeLeakInfo API DeHashed API SnusBase API For general dark web forums and marketplaces, it seems that commercial solutions are the way to go: DarkOwl RecordedFuture (Kind of) Flashpoint-Intelligence as well I'd like to emphasize on third-party commercial platforms that are capable of monitoring dark web forums, marketplaces, and ideally more community types that I did not mention. I haven't seen any discussions in security communities covering this, and this discussion will help some threat intelligence analysts and leaders somewhere in the world, surely. What other solutions exist for "dark web" monitoring solutions, based around the topics discussed in this post? How does your company monitor for "dark web" threats? Let's get creative!
×
×
  • Create New...

Important Information

We use cookies as we're cookie monsters. Privacy Policy