The online cybercrime marketplace, Russian Market, has evolved from selling Remote Desktop Protocol (RDP) access to becoming one of the most active underground hubs for information-stealing malware logs, where stolen user credentials are traded daily.
Each compromised login represents a potential gateway into corporate systems, enabling threat actors to launch credential-based attacks that put businesses, governments, and individuals at risk of account compromise and follow-on cyberattacks. Notably, several high-profile breaches have been traced back to credentials purchased on marketplaces like Russian Market—demonstrating how a single exposed password can lead to significant data loss, financial damage, and reputational harm.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Critical Linux Flaw Opens the Door to Full Root Access
May 16, 2018
Red Hat has patched a vulnerability affecting the DHCP client packages that shipped with Red Hat Enterprise Linux 6 and 7. A successful exploit could give an attacker root access and full control over enterprise endpoints. According to an alert issued Wednesday from US-CERT, the critical-rated flaw, first reported by Google researcher Felix Wilhelm, would “allow attackers to ...
- Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests
May 16, 2018
Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using uncached memory or ...
- Shadowy Hackers Accidentally Reveal Two Zero-Days to Security Researchers
May 15, 2018
An unidentified hacker group appears to have accidentally exposed two fully-working zero-days when they’ve uploaded a weaponized PDF file to a public malware scanning engine. The zero-days where spotted by security researchers from Slovak antivirus vendor ESET, who reported the issues to Adobe and Microsoft, which in turn, had them patched within two months. Anton Cherepanov, ...
- This malware checks your system temperature to sidestep sandboxing
May 1, 2018
GravityRAT is a Trojan which checks the temperature of a system to detect the presence of virtual machines (VMs) and prevent efforts at analysis by researchers. By taking thermal readings, the Remote Access Trojan (RAT), which has become a recent menace in India, attempts to find out whether or not VMs are being employed for the ...
- Millions of Home Fiber Routers Vulnerable to Complete Takeover
May 1, 2018
Consumers lucky enough to have blazing-fast 1Gbps internet access in their homes are likely to use the internet more than lower-broadband households; however, millions of them are at risk for hackers to gain wide-ranging access to their internet activities (including being able to view full browsing histories). A comprehensive assessment of various GPON home routers by vpnMentor has ...
- How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs
April 23, 2018
Dr. Mordechai Guri, the head of R&D team at Israel’s Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named “BeatCoin.” BeatCoin is not a new hacking technique; instead, it’s an experiment wherein the researcher demonstrates how all previously discovered out-of-band communication methods can be ...