Total Tests:

Majority of top cybersecurity organizations have leaked data on dark web – report

By Jessica Haworth for The Daily Swig
Tuesday, September 8, 2020

The leaked data was discovered using ImmuniWeb’s machine learning model, and while the company took steps to verify the findings, it cannot be certain that datasets are 100% legitimate without testing them.

Ilia Kolochenko, ImmuniWeb CEO, told The Daily Swig: “For some incidents, there is no technical way to be 100% certain that the incident is real unless you have the full data in your possession and try to exploit the data – an act that may be criminally punishable in many jurisdictions.

“For example, one would need to try to login to an employee’s email with his or her [leaked] password or to try running an SQL injection on a production website to get 100% certainty.”

Despite these caveats, however, Kolochenko said there are a “myriad of interrelated indicators that can reliably validate almost 99% authenticity of an incident”.

These indicators include if the data related to a publicly announced breach, the dark web seller’s reputation, and whether the leak has been verified by an independent broker. Read Full Article


Previous Media Publications:

Infosecurity Magazine: Cybersecurity Companies Expose Sensitive Data Online

BCS, The Chartered Institute for IT: Gone phishing: How COVID-19 has extended the security battlefield

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential