Important: BreachAware does not operate under any other brand name and will never provide unauthorised access to compromised credentials. We ask our users to beware of illegitimate websites imitating BreachAware.

Global News Feed

POPULAR CYBERSECURITY PUBLICATIONS
2023-01-18 15:04:00 UTC
Dark Reading
Dark Reading
New Coalfire Report Reveals CISOs Rising Influence
2023-01-18 15:00:00 UTC
Dark Reading
Dark Reading
Cybersecurity and the Myth of Quiet Quitting

People are working harder than ever, but they're not happy about it — and the insider threat is all too real.

2023-01-18 14:50:00 UTC
Dark Reading
Dark Reading
Lares Research Highlights Top 5 Penetration Test Findings From 2022

Range of Addressable Concerns Includes "Brute Forcing Accounts with Weak Passwords" and "Excessive File System Permissions."

2023-01-18 10:55:00 UTC
HackRead
HackRead
Hack the Pentagon 3.0: Groundbreaking Bug Bounty Program Is Back

By Habiba Rashid

The US military seeks public help in securing its critical cyber infrastructure with "Hack the Pentagon 3.0" bug bounty program.

This is a post from HackRead.com Read the original post: Hack the Pentagon 3.0: Groundbreaking Bug Bounty Program Is Back

Security Bug Bounty Cyber Security Ethical Hacking Hack The Pentagon Hacking Military Security
2023-01-18 02:30:00 UTC
Krebs on Security
Krebs on Security
Thinking of Hiring or Running a Booter Service? Think Again.

Most people who operate DDoS-for-hire services attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. But until recently, their biggest concern wasn’t avoiding capture or shutdown by the feds: It was minimizing harassment from unhappy customers or victims, and insulating themselves against incessant attacks from competing DDoS-for-hire services.

And then there are booter store operators like John Dobbs, a 32-year-old computer science graduate student living in Honolulu, Hawaii. For at least a decade until late last year, Dobbs openly operated IPStresser[.]com, a popular and powerful attack-for-hire service that he registered with the state of Hawaii using his real name and address. Likewise, the domain was registered in Dobbs’s name and hometown in Pennsylvania.

The only work experience Dobbs listed on his resume was as a freelance developer from 2013 to the present day. Dobbs’s resume doesn’t name his booter service, but in it he brags about maintaining websites with half a million page views daily, and “designing server deployments for performance, high-availability and security.”

In December 2022, the U.S. Department of Justice seized Dobbs’s IPStresser website and charged him with one count of aiding and abetting computer intrusions. Prosecutors say his service attracted more than two million registered users, and was responsible for launching a staggering 30 million distinct DDoS attacks.

DDoS-for-Hire Ne'er-Do-Well News Allison Nixon Booter Services Ddos-for-hire IPStresser John Dobbs Matthew Gatrel Stresser Services Unit 221B
2023-01-18 01:00:00 UTC
Dark Reading
Dark Reading
Okta Expands No-Code Offerings for Identity Cloud

With Actions Integrations, Okta is expanding its no-code offerings to help administrators manage and customize their identity workflow.

2023-01-17 22:08:00 UTC
Dark Reading
Dark Reading
Initial Access Broker Market Booms, Posing Growing Threat to Enterprises

A rapid increase in the number of operators in the space — the "locksmiths" of the cyber underground — has made it substantially cheaper for cybercriminals to buy access to target networks.

2023-01-17 21:45:00 UTC
Dark Reading
Dark Reading
Secrets Rotation Recommended After CircleCI Security Incident

Companies are being urged to update 0Auth, runner, and project API tokens, along with other secrets stashed with CircleCI.

2023-01-17 19:03:00 UTC
Dark Reading
Dark Reading
VIPRE Security Group Launches New Endpoint Detection and Response (EDR) Technology Built for SMEs

VIPRE Endpoint Detection & Response (EDR) delivers streamlined, sophisticated, high-performing cloud-based EDR management in a single, easy-to-navigate console.

2023-01-17 19:00:00 UTC
Dark Reading
Dark Reading
Unpatched Zoho MangeEngine Products Under Active Cyberattack

The latest critical bug is exploitable in dozens of ManageEngine products and exposes systems to catastrophic risks, researchers warn.

BreachAware Insight

THE LATEST CURATED INTEL FROM OUR RESEARCH CENTRE
BreachAware Podcast

Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions, and insider intel. But beware, it's not all serious talk—expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.

Amazon Music Apple Podcasts Spotify Podcast BreachAware YouTube Channel

Point of View

OUR TAKE ON TRENDING STORIES

Weekly Summary

SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES