In this blog and video a Cyberint cybersecurity expert explains how the ‘dark web’ operates and shows real live examples of actors and their criminal activity. Learn how to access the dark web and what are some of the most common behaviors that companies should be watching out for.

In 2022 & 2023 Western government agencies have managed to take down multiple prominent dark web forums such as RaidForums in April 2022, BreachedForums in March 2023, and Genesis Marketplace in April 2023. This might make threat actors in the West feel less confident in initiating activities on such monitored platforms and could shift their focus to Chinese-speaking forums.

It’s time to broaden our conception of the external attack surface to include all common attack vectors. Traditionally, the external attack surface is thought of as all of an organization’s external IT assets: domains, addresses, web servers, SSL certificates, externally-visible software, and so on.

Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.

Cyber attacks can have a significant impact on point-of-sale (POS) services, which are used in retail environments to process transactions and collect payments from customers. POS systems typically involve the use of software, hardware, and network components, which can be vulnerable to a variety of cyber threats. A successful campaign targeting POS systems can result in credit card theft, transaction tampering, service disruption, brand damage and other severe organizational damage.

Since the beginning of the year, we have witnessed the success of numerous operations by law authorities worldwide in the war against cybercrime. Totaling 120 arrests from Hive shutdown, Pompompurin’s arrest, BreachForums Shutdown, and now Genesis market, it seems that law authorities are managing to hunt some high-profile threat actors worldwide. These arrests are only possible due to corporation between several government agencies worldwide.

The first quarter of 2023 was the best quarter we’ve seen for the ransomware industry in a long time, even exceeding Q1 2022. With 831 victims, Q1 2023’s victim count was much higher than the first quarter of 2022, with just 763 victims. Unsurprisingly, LockBit3.0 remained the number one group claiming an average of around 23 victims per week and almost 33% of all ransomware cases this quarter.