Where do we find dark web data source locations?
- Dark Web Chatroom: compromised data discovered in a hidden IRC;
- Hacking Site: compromised data exposed on a hacked website or data dump site;
- Hidden Theft Forum: compromised data published within a hacking forum or community;
- P2P File Leak: compromised data leaked from a peer-to-peer file sharing program or network;
- Social Media Post: compromised data posted on a social media platform;
- C2 Server/Malware: compromised data harvested through botnets or on a command and control (C2) server.
Some of our data is old and includes employees that are no longer working for us. Doesn’t this mean we are not at risk?
While employees may have moved on from your organisation, their company-issued credentials can still be active and valid within the third-party systems they used while employed. In many cases, the third-party systems or databases that have been compromised have existed for 10+ years and hold millions of “zombie” accounts that can be used to exploit an organisation. Discovery of credentials belonging to former employees should be a good reminder to confirm you’ve shut down any active internal and third-party accounts that could be used in an exploit.
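One way to run the check described above, as an added example that is not part of the original page: it cross-references exposed addresses against an HR roster and account exports from internal and third-party systems, and reports accounts still enabled for people who have left. The CSV layouts, system names and all sample rows are constructed for illustration.

```python
import csv
import io

# Constructed sample data (not from any real breach, directory or vendor export).
EXPOSED = """email,source
alice@example.com,Hidden Theft Forum
bob@example.com,C2 Server/Malware
carol@example.com,P2P File Leak
Bob@Example.com,Hacking Site
"""
HR_ROSTER = """email,employed
alice@example.com,yes
bob@example.com,no
carol@example.com,no
"""
# One row per account per system; system names are hypothetical.
ACCOUNTS = """system,email,enabled
internal-directory,alice@example.com,true
internal-directory,bob@example.com,false
crm-saas,bob@example.com,true
payroll-saas,carol@example.com,false
crm-saas,dave@example.com,true
"""

def rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def norm(email):
    # Breach dumps and exports rarely agree on case or whitespace.
    return email.strip().lower()

def zombie_accounts(exposed_csv, roster_csv, accounts_csv):
    """Enabled accounts whose exposed owner is not a current employee."""
    exposed = {}
    for r in rows(exposed_csv):
        exposed.setdefault(norm(r["email"]), set()).add(r["source"])
    # Anyone not marked employed, or missing from the roster, counts as departed.
    active = {norm(r["email"]) for r in rows(roster_csv)
              if r["employed"].strip().lower() == "yes"}
    findings = []
    for r in rows(accounts_csv):
        email = norm(r["email"])
        enabled = r["enabled"].strip().lower() == "true"
        if enabled and email in exposed and email not in active:
            findings.append({"system": r["system"], "email": email,
                             "sources": sorted(exposed[email])})
    return findings

if __name__ == "__main__":
    for f in zombie_accounts(EXPOSED, HR_ROSTER, ACCOUNTS):
        print(f"DISABLE {f['email']} on {f['system']} (seen in: {', '.join(f['sources'])})")
```

In the sample data the internal account for the departed user is already disabled, but the third-party one is not, which is the gap the answer above warns about.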