Digital Shadows Insights Blog

The latest advice, opinions and research from our dedicated intelligence and analyst teams

Activity Based Intelligence – Activating your interest?

25 November 2015

Some threat actors love to make noise. Be it a tweet, a forum post, or a chat room message, communicating in the open often takes place.

Read More

Crackas With Attitude: What We've Learned

23 November 2015

One of the most active actors of the past several months has been a hacktivist group who identify themselves as ‘Crackas With Attitude’ (CWA).

Read More

From CTI to Cyber Situational Awareness: What you should know

16 November 2015

With more attackers trailing the digital shadows of organizations, traditional defenses have proven to be insufficient and organizations are looking at new ways of protecting themselves.

Read More

The Way of Hacking

10 November 2015

In the Japanese martial art of Aikido it is said that "Kurai Dori" is the ability of a skilled practitioner, or "aikidoka", to control the consciousness of an opponent.

Read More

Emerging Markets: Online Extortion Matures via DDoS Attacks

9 November 2015

Unlike scenes from books or movies where shadowy figures hold manila envelopes containing information or photographs pertaining to an unsuspecting victim, few of us in the real world have to...

Read More

Crackas With Attitude strike again?

28 October 2015

Last week, the New York Post reported that hackers had compromised the personal email address of CIA Director, John Brennan.

Read More

TalkTalk: Avoiding the hype

28 October 2015

There has been no shortage of media coverage on the recent TalkTalk cyber attack.  The full implications of the attack are not yet known, but reports suggest it could affect...

Read More

Smilex: Dangers of Poor OpSec

27 October 2015

On 13 Oct 2015, it was revealed in an indictment on the US department of Justice website that Dridex (AKA Bugat and Cridex) activity had been disrupted and charges filed...

Read More

CATER, For Your Threat Intelligence Needs

8 October 2015

Our white paper, Cyber Threat Intelligence: A Buyer’s Guide, provides an overview of current CTI approaches and the types of offerings available.

Read More

Online carding

7 October 2015

There is no shortage of credit card information being sold online. In the past six months alone, our spider (which covers I2P and ToR Darknet overlay networks as well as surface web carding sites) detected thousands of instances of sites offering credit...

Read More

Cyber Situational Awareness: Gain an Attacker’s Eye View

23 September 2015

Our latest white paper defines a different perspective on security – cyber situational awareness.

Read More

Greater capabilities equal greater cyber situational awareness

21 September 2015

In a recent Techworld article, one of our clients said that Digital Shadows SearchLight™ “…gives me “visibility into a world that is outside of my control.” This is the very...

Read More

How the Internet of Things (IoT) is Expanding Your Digital Shadow

10 September 2015

The Internet of Things (IoT) is a development that is the direct result of objects, technology, people that have been provided with unique identifiers, which possess the ability to transfer...

Read More

Digital Shadows and ThreatConnect Partner to Help Customers Improve Security Defenses

4 September 2015

One of the foundational values of Digital Shadows is the appreciation and value we put on our collaboration with customers and our coordination with our strategic business partners. It is because of this value that we’re delighted to announce today that we’ve entered into a new partnership with ThreatConnect, the leading provider of security software and services including the ThreatConnect® Threat Intelligence Platform (TIP).

Read More

Raising the Stakes - U.S. retaliation for Chinese cyber espionage has the potential for escalation

18 August 2015

Following the Jun 2015 announcement that the U.S. Office of Personnel Management (OPM) had been breached and the personal data of millions of current and former federal employees compromised, a...

Read More

The Intelligence cycle – what is it good for?

13 August 2015

It seems that the concept of ‘intelligence’ is a problem. The definition isn’t agreed, and the industry is peppered with vendors and organisations applying a range or meanings and interpretations.

Read More

OPSEC and Trust in an Underground Cybercriminal Forum

12 August 2015

There are perhaps tens of thousands of forums and sites in the visible and dark webs dedicated to criminal activity.

Read More

Exciting times, exciting team at Digital Shadows

30 July 2015

Yesterday we announced that Stuart McClure, founder and CEO of Cylance, Inc, is joining our Board of Directors. The entire company is excited about his joining us, and James Chappell and I are especially looking forward to working with him as we further grow the company. While we are excited, Stuart’s joining our board is not the only great team news we have at Digital Shadows. Over the last few months we’ve grown our executive leadership team to map to our business goals, and I want to introduce them.

Read More

Digital Shadows and ThreatConnect Partner to Help Customers Improve Security Defenses

20 July 2015


One of the foundational values of Digital Shadows is the appreciation and value we put on our collaboration with customers and our coordination with our strategic business partners. It is because of this value that we’re delighted to announce today that we’ve entered into a new partnership with ThreatConnect, the leading provider of security software and services including the ThreatConnect® Threat Intelligence Platform (TIP).

Read More

Exploiting is my business...and business is good

13 July 2015

In 2015 we are seeing new trends emerge with respect to Exploit Kits in the wild. These trends are particularly interesting in that they suggest that the frequency of 0-day exploits made available in these kits is growing while the time to integrate said 0-days from the time of discovery to inclusion in the kits is shrinking rapidly.

Read More

Online Extortion - Old Ways, New Tricks

6 July 2015


Extortion is nothing new for organised crime. For centuries, gangs have been operating protection rackets and kidnappings to successfully extract ransom money from their victims. And as with many things in modern life, these old techniques have been successfully brought over to the cyber realm.

Read More

Saudi Arabia MOFA Breach

1 July 2015

A look at the recent MOFA breach.

Read More

What’s In a Name? The Mystery Surrounding the Identity of the Actors Responsible for the Saudi Arabia Breaches

1 July 2015


Recently we wrote about the initial breach of the Ministry of Foreign Affairs of the Kingdom of Saudi Arabia (KSA).  We felt like this was noteworthy for several reasons: 1.  ...

Read More

Kaspersky Labs Discloses Duqu 2.0 Attack

19 June 2015

Today social media channels the world over are a buzz with news of Kaspersky Labs disclosure of the discovery of Duqu 2.0.  This news was significant for many reasons especially...

Read More

Digital Shadows integrates with Maltego through partnership with Malformity Labs

15 June 2015


The need for organizations to focus on their risk exposure is growing daily, and their ability to establish a clear picture of their environments is key to mitigating risk.

Read More

Emerging Markets & Services: Ransomware-as-a-Service

9 June 2015


A look at emerging markets and services, specifically at  ransomeware-as-a-service.

Read More

The Adult Friend Finder Breach: A Recap

27 May 2015


Last week, news quickly spread about a security breach that impacted the casual dating website Adult Friend Finder. Will Gragido. Head of Threat Intelligence for Digital Shadows in the USA, shares his findings.

Read More

The Dangers of Groupthink: Part 2

10 April 2015


This post moves on to the second cause of groupthink and tries to understand how organizational structural faults may result in manifestations of groupthink.

Read More

The Dangers of Groupthink

4 March 2015


Over the next few blog posts we’ll be looking at various types of cognitive bias and suggest ways of dealing with them.

Read More

Analytical Tradecraft at Digital Shadows

5 February 2015


This week my colleague and I attended the SANS Cyber Threat Intelligence conference in Washington DC. It was great to hear more from analysts and CTI users from across the community, as well as mingle with the plethora of vendors who were present. This blog explores some of the themes which arose from discussions on analytical tradecraft.

Read More

Remote working at Digital Shadows

27 January 2015

Here at Digital Shadows we’ve worked hard to assemble the most dedicated and talented development team possible and that has resulted in our team being concentrated here in London, but including members both further afield in the UK and internationally. This means that we’ve had to learn how to work with a distributed team and this post will cover our experiences and some of the utilities we’re making use of to work as efficiently as possible.

Read More

Digital Shadows joins roundtable at 10 Downing Street

9 January 2015


Alastair Paterson, CEO of Digital Shadows, recently visited 10 Downing Street to participate in a roundtable on cyber security. The session brought together leaders from industry, academia and government and sought to address the challenges surrounding cyber security policy.

Read More

Working in multilingual sources

12 November 2014


This post will be about some of the challenges you are likely to face trying to handle data in different languages and how to deal with them. Most of our code is in Java so the examples here will all be written in Java

Read More

Source Evaluation

12 November 2014


To organisations, threat intelligence is about understanding the threat landscape – the various actors and campaigns which conduct cyber attacks – so that when they are specifically targeted it can be detected, mitigation put in place, and the risk to their business reduced. Robust source evaluation minimises the chance of crying wolf, or warning of the wrong threat entirely.

Read More

Even the hackers are targeted by phishers

6 November 2014


We noticed a Tweet from one of the groups we are tracking which claimed that the popular football game FIFA was “offline”. Given the unspecific nature of the Tweet and the lack of any evidence suggesting that the online services of the game had been affected by any kind of cyber attack, we assessed that it was likely a false claim.

Read More

The Intelligence Trinity

30 October 2014


For several years now there has been considerable hype and hubris around the term ‘intelligence’ within the cyber security industry. It feels as if the term has been diluted as its usage has extended to include vendors dealing in a range of issues from bad IPs and Indicators of Compromise, to tip-offs that hacktivist groups are targeting particular sectors and the activities of APT groups, and everything in-between.

Read More

Digital Shadows invited to 10 Downing Street

30 July 2014


Interest in London’s burgeoning tech industry is growing so rapidly that even David Cameron has taken notice; at Pitch10, an event at 10 Downing Street to be held on Thursday 31st July, ten of the most promising digital companies in Britain will pitch their businesses to an audience that includes Cameron himself.

Read More

Watch Dogs – it’s just a game... or is it?

27 May 2014


A new video game called Watch Dogs is offering an interesting take on real life digital shadows. Sounds like a pretty scary world – Watch Dogs’ website proclaims “You are not an individual. You are a data cluster.” But just how accurate is this idea in the world that we live in? At Digital Shadows we protect organisations from data loss and targeted cyber attack.

Read More