analysis June 24, 2019
New Research: Terbium Labs Uncovers Pervasive Links Between Fraud and Transnational Crime

Terbium Labs investigated the links between payment fraud and serious transnational crime. This research begins to fill a gap in understanding about the use of fraudulent financing in some of the most heinous crimes...

analysis April 17, 2019
Terbium Labs Investigates Dark Web Fraud Guides for an Inside Look on Cyber Crime

With our latest research, Fraud Guides 101: Dark Web Lessons on How to Defraud Companies and Exploit Data, Terbium Labs investigates dark web fraud guides to create a detailed, first-hand account of the illicit...

analysis March 29, 2019
Category Is: Another Data Aggregator Breach

The size of data breaches is only increasing – to the point that data exposure at another lead-gen firm in recent months barely registered in the news because it only exposed 44.3 million individuals....

analysis March 20, 2019
Trends and Projections: Shifting Law Enforcement

For the first post in the Trends and Projections series, we unpack the increased law enforcement attention toward cyber-enabled fraud and the shift in resources allocated to taking down dark web communities trading compromised...

analysis January 24, 2019
Collection #1: Why You Should Care but Not Panic

January is not yet over and 2019 has already brought us the second biggest collection of stolen data in history. Unlike traditional data breaches, Collection #1 is actually a massive collection of smaller credential...

analysis January 08, 2019
New Commodities, New Consequences: Child Data on the Dark Web

In recent years, child data has begun to circulate more regularly in the dark web fraud communities. This data marks the beginning of a new commodity in the criminal economy, with far-reaching consequences.

analysis December 06, 2018
The Year Ahead: Developments in the Dark Web Data Trade

Sensitive data had a very bad year in 2018—and the year isn’t over yet. With the increase of large-scale breaches, what drives the underground economy for data on dark web markets? How will that...

analysis October 08, 2018
The Nine Lives of a Stolen Payment Card

For financial institutions, simply cancelling and issuing a new card will only prevent fraudulent charges on that specific payment card—a canceled card does nothing to stop future fraudulent activity stemming from other compromised cardholder...

analysis October 02, 2018
The Truth About Dark Web Pricing

Asking how much data costs on the dark web is a good question, but the line of inquiry should not end there. In our research of the dark web, Terbium Labs not only examines...

analysis September 24, 2018
Should Companies Try to “Buy Back” Their Stolen Data?

Data is always at risk. Once a data breach occurs, a mad dash to figure out what went wrong soon follows: determine where the vulnerabilities are, where the stolen data is going, and what...

analysis July 18, 2018
Book Review: Into the Web of Profit

Dr. Michael McGuire’s recent book, “Into the Web of Profit: Understanding the Growth of the Cybercrime Economy,” approaches the issue of cybercrime from a new and sorely needed perspective.

analysis July 09, 2018
The Terbium Take: Synthesizing Academia's Insights on Stolen Data

In an industry lacking a shared understanding of or framework for digital assets, we at Terbium Labs appreciate the analytical contributions from the academic and policy communities. In this post, we examine three papers...

analysis June 28, 2018
Shady Business: Commoditization of Data in the Dark Web Economy

Terbium's new report, Shady Business: Commoditization of Data in the Dark Web Economy, examines the underground data trade, investigates the shady business side of dark web operations, and challenges existing ideas about data valuation....

analysis May 30, 2018
How Does the Dark Web Fit into New York State’s New Cyber Risk Regulation?

A new regulation from New York state provides both an opportunity and a challenge for cyber risk management: an opportunity to increase visibility of a cyber security program and the challenge of assessing, measuring,...

analysis January 18, 2018
Excuse Me, Are You Using That Child Tax Credit?

Even with the turmoil taking over the dark web’s major marketplaces earlier this year, fraud vendors have set up new shops just in time for tax season. While many people won’t think about filing...

analysis October 27, 2017
Dark Web Instability: What Happened To All The Markets?

The last few months have not been kind to dark web markets. After a year-long period of relative stability, two major markets went dark in July - and that’s just the beginning. In the...

analysis September 13, 2017
The Equifax Breach, the Dark Web, and the Power of Lifetime Data

Individuals are not the only ones being impacted by the Equifax breach. Companies, whose employees, customers, and executives are among the consumers affected, will be at risk from this breach for a long time...

analysis August 25, 2017
One Month Later: Reactions to the Alphabay and Hansa Takedowns

It's been just over a month since the Alphabay and Hansa market takedowns. How has the dark web community reacted, and what does this mean for the future of the dark web markets?

analysis June 06, 2017
Inside the Dark Web: Fraud Guides

In an effort to further combat the fear, uncertainty, and doubt surrounding the dark web, our new report Inside the Dark Web: Fraud Guides provides a transparent look into this seldom discussed corner of...

analysis May 10, 2017
DiamondFox: New Joint Research from Check Point & Terbium Labs

We recently partnered with researchers at Check Point to investigate the DiamondFox ransomware - an insidious platform wreaking havoc on victims across the world.

analysis March 15, 2017
Excuse Me, Could I Borrow Your W-2?

Tax season is prime time for phishing attacks. While many PII leaks come from malicious attacks, we must also remember the danger inherent in human error.

analysis March 03, 2017
This Week: Rising Fraud, and Cute But Dangerous

This week brings rising payment card fraud levels and a disconcerting data breach that affects hundreds of thousands of children.

analysis February 24, 2017
This Week: Steep Discounts and Limited Loyalty

Verizon gets another discount on the Yahoo deal, and researchers at Carnegie Mellon find the limits to customer loyalty after a bank breach.

analysis February 10, 2017
This Week: Scams "R" Us and Police Database Mischief

This week a toy retailer found evidence of rewards scamming, and the government discovered that password re-use is just a hop-skip-and-a-jump away from a major breach.

analysis February 08, 2017
Dark Web Forums: the Underbelly’s Underbelly

While dark web markets are illicitly alluring, there are conversations in the forgotten forums that could be even bigger threats.

analysis January 27, 2017
This Week: Dark Web Chats and User Error

This week a major dark web market saw thousands of customer details dumped online, while an Australian agency had yet another accidental data leak exposing vulnerable minors. Plus, bowling.

analysis January 20, 2017
This Week: Ransomware Goes Gold

This week we saw a new strain of ransomware with the Midas touch. The FBI breach from earlier in the month may not be what it appears. Plus, squirrels.

analysis January 13, 2017
This Week: Unhappy Accidents and Avoidable Leaks

What do a typo, a hacked database, and a tweet have in common? Leaked credentials. This week we saw three major leaks that could have been avoided. While we are constantly advised to be...

analysis January 13, 2017
Economics of the Dark Web: Let It Be, Let It Be

The dark web is a near perfect example of laissez faire economics, the theory of letting things take their own path without interference. Free of an overarching governing body, if offers us an opportunity...

analysis January 06, 2017
This Week: TheDarkOverlord Expands His Coverage

The Dark Overlord welcomed 2017 with new high-profile data leaks from an array of companies, and customers of collectable trading cards were compromised in a breach.

analysis December 19, 2016
The Yahoo Breach, or How Dark Web Data Intelligence can Inform M&A Decisions

Dark web data intelligence can provide unique measures of security and data breach risk, especially when it comes to M&A negotiations.

analysis November 29, 2016
Seasons Greetings from the Dark Web

What's the dark web equivalent of a doorbuster deal? Depends on if you're looking for specials on stolen credit cards or just some discounted edibles.

analysis November 18, 2016
This Week: Dark Web Jail Time and Facebook Buying Stolen Data

While Facebook tried a new method to protect their user information, another social site fell victim to a data breach. These criminals may have gotten away this time, but others were not quite so...

analysis November 15, 2016
The Rise of Hacking as a Service on the Dark Web

The hacking-as-a-service market on the dark web exists, but isn’t necessarily sophisticated. The development of malware which uses the Internet of Things may change that.

analysis November 04, 2016
This Week: Halloween on the Dark Web

This week we saw vendors break out Halloween-themed sales and other dark web offers. Oh, and your crockpot may be a security risk.

analysis October 21, 2016
This Week: Weebly, Indian Banks, and CyberMaryland

This week, Indian banks faced one of the largest breaches to ever hit the country. Meanwhile, web-hosting platform Weebly saw over 43 million users with exposed credentials.

analysis October 14, 2016
This Week: Verizon and Turkey React To Stolen Data

On the eve of an acquisition, Yahoo finds itself facing a billion-dollar discount request from Verizon and Turkey restricted access to Dropbox, Google Drive, Github, and more (all to prevent government information making the...

analysis October 04, 2016
Built On Blind Trust: Risky Business on the Dark Web

Buying credit cards, drugs, or software exploits on the dark web is not like your everyday shopping.

analysis September 30, 2016
This Week: Yahoo Still Has A Problem (And So Does Azerbaijan)

The Yahoo breach is still making headlines, and tensions continue to brew between Azerbaijan and Armenia surrounding the Armenian Independence Day.

analysis September 16, 2016
This Week: Hospitals Hit Again (And The Olympics Aren't Over)

This week we saw a lot of Personal Health Information appear online. Fancy Bear's Hack Team dumped a series of confidential files on Olympians, and even though many on the dark web consider hospitals...

analysis September 13, 2016
Hack To School: Education Exploits on the Dark Web

Gone are the days of stealing a test from a copier in the break room. Now, students need only go online to access a trove of educational exploits to change their grades, increase performance,...

analysis September 02, 2016
This Week: All Eyes on the Election and Even More Dropbox Creds

This week, we’re reminded once again that the electoral system is an ever-increasing target for cybercriminals. Meanwhile, the credentials for over 68 million Dropbox accounts were exposed online.

analysis August 26, 2016
This Week: Hacking for Harambe and Safer Drugs On The Dark Web

Researchers continue to approach the dark web drug trade with interest and apprehension, while governments attempt to convince citizens that sharing personal data is better for everyone in the long run.

analysis August 23, 2016
What's The Deal With Brazil?

The Olympics highlight a systemic problem in the data intelligence community: the quiet leaks are often the ones you need to worry about the most.

analysis August 19, 2016
This Week: Brazilian Banks Still Hit Hard, Gun Vendor Resurfaces

As the Olympics are winding down in Brazil, cyberattacks are not.

analysis August 12, 2016
This Week: Olympic Security, Russian Databases, and Google tries YOLO

The Olympics, payment fraud, and ongoing struggles between government oversight and privacy topped the news this week.

analysis July 19, 2016
The Rise Of Politically Identifiable Information

We're seeing more and more political information floating around the dark web, including everything from voter PII to delegate and candidate doxes to sensitive documents stolen from political parties.

analysis April 07, 2016
#OpIsrael is in Full Swing

#OpIsrael is an annual campaign against Israeli government and business sites originally timed to coincide with the eve of Holocaust Remembrance Day in 2013.

analysis March 03, 2016
Tax - and Peak PII - Season is Here

Tax fraud is one of the most prevalent forms of crime on the internet, and while Americans rush to prepare their returns, stolen personally identifiable information (PII) continues to appear in large quantities across...

analysis February 15, 2016
Poseiden and the Brazilian Data Deluge

The Poseiden Group is just one of several growing groups of hackers based out of Brazil, and we have recently seen a significant increase in the number of Brazilian data leaks and compromised credit...

analysis January 25, 2016
Not Your Breach, Still Your Problem

Given the increase in large and widespread data breaches, organizations find themselves facing issues of user security and fraudulent activity — even if their systems were never breached.

analysis December 07, 2015
Holiday Sales on the Dark Web

Retailers aren't the only ones offering holiday sales. Vendors on the Dark Web are taking advantage of Black Friday, Cyber Monday, and the rest of holiday season for some promotions of their own. All...

analysis November 04, 2015
Fast Detection Makes All the Difference

According to the 2015 Cost of Cyber Crime Study from the Ponemon Institute, the mean number of days to resolve a data breach is 46, at an average cost of over $21,000 per day...

analysis October 26, 2015
Weathering An Insecure World

Weather is a risk management problem. You can neither measure a storm by counting the raindrops, nor can you be safe from every hurricane. Increasingly, information security must be considered in a similar way,...