Dark Web

Uber paid $100,000 to a Florida man to keep quiet about the theft of its customer data. The repercussions could damage the reputation of bounty programs, experts warn.

Podcast: will Uber’s Florida Man Problem chill Bug Bounties?

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability disclosure industry. Also: with BitCoins trading for $16,000 each, Wandera researcher Dan Cuddeford joins us to talk about mobile crypto-jacking schemes that hijack mobile devices to mine crypto currencies. And we invite Alan Brill of the firm Kroll back to discuss recent House of Representatives hearings on the future of authentication in an age of rampant data sharing and data theft.

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.