shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

268
active users

#DarkWeb

1 post1 participant0 posts today

We now know who the prolific hacker “IntelBroker” allegedly is. These court filings always seem like a tutorial on how to be a better cybercriminal: Only accept payment in the most private cryptocurrencies and don’t intermingle personal and online accounts and IP addresses. #Cybercrime #Arrests #BreachForums #Hackers #ShinyHunters #DarkWeb
thecyberexpress.com/british-na

The Cyber Express · British National Alleged to be ‘IntelBroker’ by U.S.By Paul Shread

So, another day, another data breach. This one is the motherload. 16 Billion, with a B, credentials, ie usernames and passwords. Almost all of the data is new, there’s about 200 million records that were known breaches. The breach stretches across providers, operating systems and vendors. It is not from a singular attack, but a compilation of a long exfiltration of data via infostealers and similar.

What does that mean for you? Go change your important passwords, again. Use a password manager. Passkeys are becoming more common, but I haven’t researched them so have no opinion. The ones I’ve seen use biometrics, and my work systems don’t have cameras.

This is a big deal, and you should pay attention to it.

#infosec #passwords #hack #darkweb #16billionrecords

cybernews.com/security/billion

All surveillance technology is bad.

“The surveillance company Flock told employees at an all-hands meeting Friday that its new people search product, Nova, will not include hacked data from the dark web. The announcement comes a little over a week after 404 Media broke the news about internal tension at the company about plans to use breached data, including from a 2021 Park Mobile data break.

Immediately following the all-hands meeting, Flock published details of its decision in a public blog post it says is designed to "correct the record on what Flock Nova actually does and does not do." The company said that following a "lengthy, intentional process" about what data sources it would use and how the product would work, it has decided not to supply customers with dark web data.”

#surveillance #flock #data #people #search #public #tool #darkweb #product #privacy #tech #news
404media.co/flock-decides-not-

404 Media · Flock Decides Not to Use Hacked Data in People Search ToolThe move comes after internal pressure and 404 Media’s reporting.

AIL 6.2 released - Smarter Analysis, Search and Enhanced User Experience

We’re excited to release AIL Framework v6.2, a major update with new features and improved performance. This version makes analysis easier and the overall experience faster and more user-friendly.

Among the highlights are a fully revamped search engine powered by MeiliSearch, improved language detection for short text, local AI-driven image descriptions, and a yara-hunting editor tool.

🔗 ail-project.org/blog/2025/05/2

We implemented a major new feature in the AIL Project that addresses a long-standing issue related to the collection of images or screenshots that may be harmful to analysts (e.g., violent content, CSAM, etc.). The feature allows users to trigger the description of an image before actually viewing it.

The feature will be included in the upcoming release of AIL (version 6.2).

This work is co-funded in the AIPITCH project. We would like to thank Qwen for the open source Qwen2-VL vision-language models which provide an excellent basis for image detection and description while allowing local inferences.

@aipitch @circl @ail_project

Update:

Doesn't appear to be a breach, but, ya know, it's still good security practice to change your password and use 2FA anyway.

Original:

Two-factor your accounts, too, if you haven't!

You should probably change your Steam password: data from over 89 million Steam users is reportedly on the dark web following a vendor breach

vg247.com/steam-vendor-data-br

Have you ever walked into a supermarket, pharmacy, or department store looking to buy a specific item, only to find the layout confusing? Perhaps you ended up aimlessly strolling around, purchasing other items? This is deliberate, and known as the Gruen Transfer. The 'Transfer' part is the moment that you, as a consumer surrounded by a deliberately confusing layout, lose track of your original intentions.
We've all experienced it, and now it's starting to consume the internet. #Internet #GruenTransfer #DarkWeb #WWW #Enshitification

sebs.website/blog/the%20gruen-

sebs.websiteThe Gruen Transfer is consuming the internet<p>The Gruen Transfer is taking over social media. What is it and how can we avoid it?</p>

I had the pleasure of presenting at #FIRSTCTI25 in Berlin:

"The Art of Pivoting – How You Can Discover More from Adversaries with Existing Information."

The talk explored how unconventional indicators, like cookie names, QR codes, HTTP headers (HHHash), DOM structures, and reused Google Analytics IDs, can reveal surprising links across threat actor infrastructure and behavior.

We also shared real-world insights from our crawling and analysis with AIL, including:

  • How “weak” indicators can gain strength through composite correlation
  • Unexpected metadata reuse across Tor services and social platforms
  • How AIL enables more creative and effective pivoting workflows

🔗 Slides ail-project.org/assets/img/sli

#threatintel #threatintelligence #cti #opensource #cybersecurity #darkweb

@misp @ail_project @circl

Thanks to @terrtia for the crazy discussions around correlations!