Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/10/2019
03:00 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Demystifying the Dark Web: What You Need to Know

The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.
Previous
1 of 8
Next

If you ask the average consumer about the Dark Web, chances are good they won't have a positive response. Most people assume the Dark Web is malicious – if they know about it at all.

Over the years, and especially of late with breaches and hackers making headlines, the Dark Web's reputation has been crafted by high-profile arrests and sensational news stories. Films and television shows have also shaped public perception. Even four to five years ago, people within the technology and security industries had a skewed opinion of what the Dark Web is.

"Anyone who was familiar with it typically had an outlandish view of what was happening there," says Emily Wilson, vice president of research at Terbium Labs. In recent years, the industry has begun to have more developed conversations, discussing how the Dark Web is changing, how it's responding to different events, and how it fits into their cyber-risk strategies. Employees in the finance and tech spaces, where security is paramount, are especially aware.

Still, she adds, most modern consumers are a few years behind. More have heard of the Dark Web, but those who have are afraid of it. "Their feeling about the Deep and Dark Web is it's just this bad place," adds Flashpoint chief strategy officer Chris Camacho.

So what exactly is the Dark Web, and how is it different from the Deep Web? How do they both work, and what goes on there? Here, we hope to fill in the gaps. We spoke with Dark Web experts, who answer your FAQs about the unknown Internet.

 

 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
matty37
50%
50%
matty37,
User Rank: Apprentice
10/29/2019 | 9:08:32 AM
the dark web
But isn't it right? I do think that most people don't have their fears out of nowhere, and this perception about the dark web was created based on something. It might be not as bad as it's portrayed, but it's definitely not a safe place as well. I would like to try it out and see how it looks like, but I'm currently still debating if it's worth it. I heard that you have to use Tor to access it, although I also have SurfsharkVPN; hopefully, that will increase my safety if I decide to take a glimpse
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
GDPR Enforcement Loosens Amid Pandemic
Seth Rosenblatt, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Can you smell me now?
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11018
PUBLISHED: 2020-05-29
In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.
CVE-2020-13634
PUBLISHED: 2020-05-29
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558
CVE-2020-12675
PUBLISHED: 2020-05-29
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-202...
CVE-2020-11017
PUBLISHED: 2020-05-29
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.
CVE-2020-4306
PUBLISHED: 2020-05-29
IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 17...