Security Report: Median Price for DIY Ransomware Kit is $10.50

The median price for a do-it-yourself (DIY) ransomware kit is just $10.50, helping to fuel a 2,502 percent year-over-year increase in the size of the ransomware marketplace on the dark web, according to new research from security vendor Carbon Black.

Prices for the DIY kits ranged from $.50 to $3,000.

In a report entitled The Ransomware Economy, security experts found that the dark web marketplace has grown from $249,287.05 in 2016, to $6,237,248.90 this year.

The latest FBI figures on ransomware extortions show roughly $1 billion in ransoms paid in 2016, and it’s not clear how that figure has grown given the proliferation of ransomware sales.

Researchers found more 6,300 sites on the dark web that sell ransomware, with roughly 45,000 products listed.

The motive behind the explosion is clearly economic.

Makers of ransomware often earn more than $100,000, compared with a typical salary of about $69,000 for legitimate software developers, the report states.

Atera adds Webroot: Atera, maker of an all-in-one RMM, PSA and remote access platform, has announced the integration of Webroot’s SecureAnywhere DNS Protection.

The announcement was made during the CompTIA EMEA Member and Partner Conference, which was held last week in London, England.

AttackIQ launches continuous security validation platform: San Diego based security vendor AttackIQ has launched its new FireDrill platform with support for the MITRE ATT&CK Matrix database, which facilitates security testing and planning.

The tool, billed as the first commercial continuous security validation platform with MITRE support, is aimed at helping organizations to better automate security tasks and provide broader and deeper validation testing for vulnerabilities and risk.

The MITRE ATT&CK Matrix is a curated knowledge base that models cyber-adversary behavior.

“Commercial and federal government entities alike can gain significant insight into organizational security postures, products and processes by assessing themselves against the known threat,” AttackIQ said in a statement. “Describing this threat via the ATT&CK Matrix enables a common way of communicating their organization’s security, as well as identifying potential weaknesses to enable improvement.”

ID Agent seeks resellers for identity protection: ID Agent, which specializes in Dark Web monitoring, has launched a channel-only offering of comprehensive personal identity protection.

Spotlight ID enables MSPs, VARs and other channel partners to resell comprehensive personal identity protection for clients’ employees and customers.

The product is aimed at ultimately making customers’ business systems more secure.

“Customers, employees, key executives and high-risk personnel are often targeted and exploited on the Dark Web, the portion of the Internet that is hidden from conventional search engines, holding a wealth of stolen data and illegal activity,” Dana Liedholm, vice president of global channel products at ID Agent, said in a statement. “With data breaches at a record high, ID Agent’s SpotLight ID is an opportunity for MSPs to provide identity protection to their customers at a fraction of what it would cost through the leading credit bureaus.”

Skybox Security lands $150 million investment: Security software vendor Skybox Security announced it has reached agreement on $150 million growth equity deal from a pair of private equity firms.

The deal calls for $100 million to be provided by private equity firm CVC Capital Partners’ Growth Fund, and another $50 million from Pantheon.

“This is good news for the company’s channel partners as the funding will be used to accelerate investment in sales and marketing, customer care and R&D, as well as M&A activity to capitalize on the $10 billion market opportunity in cybersecurity management,” Skybox Security said in a statement.

Send tips and news to [email protected].