This report compiles information gained by the Trustwave SpiderLabs who maintain a presence in some of the more prominent recess of the online criminal underground. The provide information on the dark web’s code of honor, reputation systems, job market, and techniques used by cybercriminals to hide their tracks from law enforcement.

This report takes a look at how Russia’s nationalism along with new internet laws are fueling Russian cybercrime.

A necessary pillar of an effective cyber defense strategy is the capability to detect and mitigate threats at the earliest stages of the cyber kill chain. While internal and perimeter security solutions are critical to your security program, external threat intelligence gives you the ability to defend forward by eliminating threats outside the wire. This ebook is designed to provide a framework for security professionals on how to conduct effective external threat hunting on the dark web.

This technical whitepaper explains the challenges cybersecurity professionals face, how they’re prioritizing vulnerabilities today and how they can dramatically improve cyber risk management with Predictive Prioritization – the process of re-prioritizing vulnerabilities based on the probability that they will be leveraged in an attack.

20 Leading CISO’s from the healthcare industry offer their perspective on evolving cyberattacks, ransomware & the biggest concerns to their organizations.

To shine a light on the availability of SSL/TLS certificates on the dark web, the Evidence-based Cybersecurity Research Group at the Andrew Young School of Policy Studies at Georgia State University and the University of Surrey spearheaded a research program, sponsored by Venafi. This report details the preliminary findings of the research and outlines the volume of SSL/TLS certificates for sale on the dark web, including information on how they are packaged and sold to attackers. These certificates can be used to eavesdrop on sensitive communications, spoof websites, trick consumers and steal data. The long-term goal of this research is to gain a more thorough understanding of the role SSL/TLS certificates play in the economy of the dark web as well as how they are being used by attackers.

This e-book provides a practical guide for security teams to “unlock” the power of intelligence.

This report offers insight into the need for a cyber risk ratings system.

This report offers an inside look into how accounts are hacked and taken over.

From the report, “On November 26th, Slovakian Anonymous leader ‘Abaddon’ posted in the deep web message board ‘Hidden Answers’, looking to recruit accomplices for an operation targeting NATO and EU websites. The proposed attacks would potentially arrive by means of XSS (cross-site scripting), SQL injection, or a combination of both. And by DDoS (distributed denial of service), a type of attack that is intended to make an online resource unavailable to its legitimate users by overwhelming it with traffic. It is not yet clear what the motives for the operation are, or what the official name will be.”

This report seeks to review the dramatic changes that took place in the banking industry in 2018, and lay out a strategy for those institutions in 2019.

This report offers insight into forged documents online. And how they are traded and used to commit identity fraud or evade authorities.

This report offers insight into digital threat intelligence management.

This report offers insight into global threats that occur during the Holiday shopping season.

In this report, IntSights looks to identify which mobile platforms are gaining traction and may be the future backbone of the illegal cyber-economy. The data in this report will help you understand how dark web communication is changing with mobile adoption and how this impacts the way security teams monitor dark web activity. By reading this report, security teams can better prepare for this shift and be better resourced to evolve with it

In this research report, IntSights and Riskified will show the scope and severity of the current threat and fraud landscape for retailers. We will share key research findings and common examples of retail fraud and show how fraudsters commonly target retailers using their digital assets and the dark web. Additionally, we will explore the latest threats to the retail sector, such as tools, techniques and real-life examples, and we will close with our predictions for 2019.

From the report, “From the start of 2017 through the first half of 2018, cybercrime groups have generated billions of dollars worth of profit and have caused gross losses of more than $1 trillion to the markets because of their attacks, according to the World Economic Forum1. Over the past year, we have seen a surge in attempts to attack banks across both existing and new vectors, including targeting major bank transfer platforms (such as SWIFT), phishing emails and phishing websites to steal credentials (targeting both customers and employees), mobile malware and fake mobile applications, ATM scamming methods, ATM and PoS (Point of Sale) attacks, DDoS campaigns and attacks against e-banking interfaces.”

In this research report, they uncover the Dark Side of Asia to provide you with an inside look into key trends, laws, motivations and threat actors of the increasingly threatening Asian Internet community.

IntSights provides the industry’s most comprehensive view into internal and external threats facing the Gaming and Leisure industry. This report will demonstrate and classify threats that are actively underway, or being planned. This will enable security teams to better resource and fortify their infrastructure against attacks.

Mention the dark web and many people summon imagery of a massive, mysterious online criminal underground, where all manner of products and information are bought, sold, and traded, hidden away from the prying eyes of the public and law enforcement. But is that really what it’s like, or is that just cybersecurity marketing hype?

From the report, “As the report that follows describes, SophosLabs has been observing a small but growing number of criminals forced to resort to a variety of manual hacking techniques – previously the purview of esoteric, targeted attackers – just to maintain their dishonorable income streams. The downside is that it’s much more challenging to halt these hybridized threats using conventional methods, but it also means there are fewer criminals competent enough to conduct them, and we keep driving up the cost of their operations. It’s a Darwinian process, and the sort of shift in attacker/defender economics we’ve been striving to achieve for a long time. We consider that a victory, and the start of a trend of attacker disruption that we intend to continue driving.”