One Second Analysis Followup: Credentials Posted to Pastebin

As a followup to last week’s post regarding the number of stolen account credentials that show up on Pastebin daily, I’ve collected enough data to get a more accurate picture of the posting rate. As a reminder, here was the first day’s data: Start time: 20171113 2100UTC Credentials parsed to date: 792,488 Clean (unproblematic) credentials: 734,807 Unique clean credentials: 475,653 Credentials parsed to date: I’ve had a homebrew pastebin scraper analyzing new pastes, watching for email addresses, for a while now. [Read more...]

How To: Building A Dark Web Scraper

In a previous post, I demonstrated a way to run Linux command-line tools through Tor. Let’s take it a step further, and come up with a way to scrape sites on the dark web. This will allow us to hunt for mentions of various pieces of information we may want to be alerted to, such as the presence of company names, email addresses, etc. We’re going to need some code. [Read more...]

How To: Get Started In Cybersecurity

Cybersecurity is a broad field that encompasses many disciplines. So broad, in fact, that no one person can master everything. Where do you start? Where to start First and foremost, you’ll need a solid understanding of computer and network fundamentals. However, even that is a multi-faceted statement. You’ll need to understand the various components of a computer, and how they all work together at a low level: how the CPU, memory, storage, peripherals, and network connectivity all function as an interconnected whole. [Read more...]