As we approach the end of 2019, we wanted to share some of the most popular security trends and blogs from this year that we saw on our blog. Thanks to all of our loyal readers for tuning in each week to check out the latest stories in the threat intelligence and digital risk space.
Dark Web and Cybercrime Stories
By far the most popular blogs from 2019 pertained to cybercrime and the deep and dark web. With a lot of FUD concerning the dark web, this does not come as a surprise. Our dedicated team of experts who monitor dark web sources for our clients shared some of the more interesting findings on our blog this year.
This included stories around reader favorites such as thedarkoverlord (TDO), the forums Exploit and XSS, Black Friday deals we found on the dark web, cybercriminal credit card stores, and more.
And at the end of this year, we also released some in-depth research into dark web and cybercriminal forums’ continued popularity despite law-enforcement takedowns and the emergence of more efficient and secure alternatives.
Since the dark web continued to be a request for our blog, we decided to also write a few guides for our readers who want to learn more about dark web monitoring for their businesses. Check it out here:
For more of our favorite dark web and cybercrime reads from 2019, check out these blogs:
- Forums are Forever Series: Part 1, Part 2, Part 3
- Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums
- Fresh blow for dark web markets: Nightmare market in disarray
- Black Friday Deals on the Dark Web
- Probiv: The missing pieces to a cybercriminal’s puzzle
- DarkMarket’s Feminist Flight Towards Equality and the Curious Case of Canaries
- Cybercriminal credit card stores: Is Brian out of the club?
Typosquatting takes many forms. From sites which redirect traffic to malicious domains to cloned websites that impersonate popular brands. Surprisingly, typosquatting can be just as much of an issue on the dark web as it is on the clear web. Our research in 2019 highlighted typosquatting campaigns targeting prominent candidates in the 2020 US Presidential Election and Facebook’s recently announced cryptocurrency Libra. We also discovered multiple cases of cybercriminals even targeting each other with .onion domains impersonating popular dark web forums and marketplaces.
Examples of redirect typosquats detected around the 2020 US Presidential election
For some of our top typosquatting research from 2019, check out these blogs:
- Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor
- Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
- Dark Web Typosquatting: Scammers v Tor
Breaches and Data Exposure
Just like last year, data breaches and exposures continued to be a major issue for companies of all sizes and across all sectors. In our 2019 research Too Much Information: The Sequel we identified over 2.3 billion files being made publicly available by misconfigured and non-secured technologies used to store this data such as Amazon S3 buckets, Server Message Block (SMB), File Transfer Protocol (FTP) and rsync servers, as well as network-attached storage drives-a huge jump from our 2018 research, which identified 1.5 billion files. European countries collectively exposed the highest number of files (1 billion!), with another 400 million coming from the Asia-Pacific region and 590 million from across the Americas. Even with new legislation like the EU’s GDPR and California’s CCPA, data exposure is growing year after year.
Findings from Too Much Information: The Sequel
For some of our top data breach and exposure research from 2019, check out these blogs:
- 3 billion files exposed across online file storage technologies
- Leaky SMB File Shares – So Many Bytes!
- Capital One Breach: What we know and what you can do
Looking Ahead to 2020
Finally, if you’re interested in forecasts for 2020 within cybersecurity, check out our new blog: 2020 Cybersecurity Forecasts: 5 trends and predictions for the new year
More to come in 2020, so don’t forget to stay in touch and subscribe to our threat intelligence emails below!