The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol (RDP) access to becoming one of the most active underground hubs for information-stealing malware logs, where stolen user credentials are traded daily.
Each compromised login represents a potential gateway into corporate systems, enabling threat actors to launch credential-based attacks that put businesses, governments, and individuals at risk of account compromise and follow-on cyberattacks. Notably, several high-profile breaches have been traced back to credentials purchased on marketplaces like Russian Market—demonstrating how a single exposed password can lead to significant data loss, financial damage, and reputational harm.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- LibSSH Flaw Allows Hackers to Take Over Servers Without Password
October 16, 2018
A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security vulnerability, tracked as CVE-2018-10933, is an authentication-bypass issue that was introduced in Libssh version 0.6 released earlier 2014, leaving ...
- Security researchers find solid evidence linking Industroyer to NotPetya
October 11, 2018
Malware analysts from Slovak cyber-security firm ESET have found substantial evidence that links cyber-attacks performed against Ukraine’s power grid to the same group behind the NotPetya ransomware outbreak of June 2017. The link is not a direct one, but through a third malware strain that was spotted in an unrelated hacking operation in April this year. Researchers ...
- New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors
October 11, 2018
Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot. Researchers are warning of a new wave of cyberattacks targeting unpatched Drupal websites that are vulnerable to Drupalgeddon 2.0. What’s unique about this latest series of attacks is that adversaries are using PowerBot malware, an IRC-controlled bot also called ...
- Innovative Phishing Tactic Makes Inroads Using Azure Blob
October 10, 2018
A brand-new approach to harvesting credentials hinges on users’ lack of cloud savvy. A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, ...
- Over nine million cameras and DVRs open to APTs, botnet herders, and voyeurs
October 9, 2018
Millions of security cameras, DVRs, and NVRs contain vulnerabilities that can allow a remote attacker to take over devices with little effort, security researchers have revealed today. All vulnerable devices have been manufactured by Hangzhou Xiongmai Technology Co., Ltd.(Xiongmai hereinafter), a Chinese company based in the city of Hangzhou. But end users won’t be able to tell that ...
- PoC Attack Escalates MikroTik Router Bug to ‘As Bad As It Gets’
October 7, 2018
A new hacking technique used against vulnerable MikroTik routers gives attackers the ability to execute remote code on affected devices. The technique is yet another security blow against the MikroTik router family. Previous hacks have left the routers open to device failures, cyptojacking and network eavesdropping. The hacking technique, found by Tenable Research and outlined on ...