Should a VM specialist be aware of what is happening in the Darknet?

Should a VM specialist be aware of what is happening in the Darknet? Of course. At least roughly. Otherwise, he’ll fall for the “nobody’s attacking us” myth. 😏

The reality is that every organization is under attack all the time. It’s like commercial fishing with trawlers. Anything that gets caught in the nets will be classified, priced, and put up for sale. 🐟 In today’s world of cybercrime, access to an organization’s infrastructure is a commodity. 🏪 The same is true for vulnerabilities, exploits, and ready-made malware.

Attacker groups have specialized:

🔻 some research vulnerabilities and write exploits
🔻 others embed them in malware
🔻 still others implement bypass of the InfoSec systems
🔻 the fourth get primary access
🔻 fifth people monetize this access 💰
🔻 sixth support the operation of trading platforms

And whether these guys can break your organization depends on you, VM specialist!

🟥 PT has published a large study on this topic (rus). 👍

На русском

Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.

А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.