Blog & Resources

The latest advice, opinion and research from our dedicated intelligence analyst team.

View Full Resources Center

How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation

March 12, 2020 | 9 Min Read

In the wake of large-scale global events, cybercriminals are among the first to attempt to sow discord, spread disinformation, and seek financial gain. In February 2020, the World Health Organization...
Read Here

Categories

all Brand Protection Company Cybercrime and Dark Web Research Data Leakage DevSecOps Threat Intelligence

Access Our Threat Intel In Test Drive

Test Drive SearchLight Free for 7 Days
Try It Now

Connect with us

Digital Risk Reporting Best Practices: Top 10 Ways to Build Killer Reports in SearchLight

Digital Risk Reporting Best Practices: Top 10 Ways to Build Killer Reports in SearchLight

June 30, 2020 | 4 Min Read

We all have those days or that time of the quarter where management demands a nice glossy report with the...
Read Here
Multiple vs. Exclusive Sales on the Dark Web: What’s in a sale?

Multiple vs. Exclusive Sales on the Dark Web: What’s in a sale?

June 29, 2020 | 9 Min Read

When going out on a shopping spree, you would naturally have different expectations of price, accessibility, quality, and exclusivity of...
Read Here
ShadowTalk Update – Torigon, Nulledflix, and BlueLeaks, Plus DevSecOps Insights From DS CISO Rick

ShadowTalk Update – Torigon, Nulledflix, and BlueLeaks, Plus DevSecOps Insights From DS CISO Rick

June 29, 2020 | 2 Min Read

Alex, Kacey, Charles and Rick host this week’s ShadowTalk to bring you the latest threat intelligence stories. This week they...
Read Here
Introducing Nulledflix – Nulled forum’s own streaming service

Introducing Nulledflix – Nulled forum’s own streaming service

June 23, 2020 | 8 Min Read

Lockdowns implemented during the COVID-19 (aka coronavirus) pandemic have forced people around the world to spend a large part of...
Read Here
Torigon Forum: A sad case of all show and no go

Torigon Forum: A sad case of all show and no go

June 23, 2020 | 11 Min Read

When we review the ideal template for a successful cybercriminal forum, we are on the lookout for several key factors:...
Read Here
Modern Software Development and DevSecOps: Despite security controls, data leaks persist

Modern Software Development and DevSecOps: Despite security controls, data leaks persist

June 22, 2020 | 15 Min Read

Quick Synopsis No matter how many software developers you employ, development processes or cultures (such as DevOps or DevSecOps) that...
Read Here
ShadowTalk Update – Lookback Operators Deploy New Malware Against US Utilities Sector And Honda Cyber Attack

ShadowTalk Update – Lookback Operators Deploy New Malware Against US Utilities Sector And Honda Cyber Attack

June 22, 2020 | 2 Min Read

Demelza, Viktoria, Adam, and Stefano host this week’s ShadowTalk to bring you the latest threat intelligence stories from the week....
Read Here
Ensuring order in the underground: Recruiting moderators on cybercriminal forums

Ensuring order in the underground: Recruiting moderators on cybercriminal forums

June 18, 2020 | 10 Min Read

While there have been many predictable consequences of the ongoing global COVID-19 (aka coronavirus) pandemic, few would have foreseen significant...
Read Here
Reducing technical leakage: Detecting software exposure from the outside-in

Reducing technical leakage: Detecting software exposure from the outside-in

June 16, 2020 | 6 Min Read

Modern Development Practices Leads to Increased Exposure As customers, we can be a bit demanding when it comes to technology...
Read Here
ShadowTalk Update – Maze Ransomware Alliance, EndGame DDoS Protection Tool, And Ransomware Disguises

ShadowTalk Update – Maze Ransomware Alliance, EndGame DDoS Protection Tool, And Ransomware Disguises

June 15, 2020 | 2 Min Read

Alex is joined by Kacey and Charles this week to chat through the top threat intel stories of the week....
Read Here
Security Threat Intel Products and Services: Mapping SearchLight

Security Threat Intel Products and Services: Mapping SearchLight

June 10, 2020 | 6 Min Read

1. TI Analyst Augmentation. Very few organizations have access to vast resources that will enable them to build out a...
Read Here
CISA and FBI alert: Top vulnerabilities exploited from 2016-2019 and trends from 2020

CISA and FBI alert: Top vulnerabilities exploited from 2016-2019 and trends from 2020

June 9, 2020 | 7 Min Read

A couple of weeks ago, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation...
Read Here
New DDoS protection tool advertised on the dark web

New DDoS protection tool advertised on the dark web

June 9, 2020 | 7 Min Read

This blog examines a newly launched DDoS protection filter mechanism dubbed EndGame advertised last week on the dark web community...
Read Here
SHADOWTALK UPDATE – HACKTIVIST CHOOSES DESTRUCTION OVER PROFIT W/ RANSOMWARE AND COLLECTION 1 HACKER IDENTIFIED

SHADOWTALK UPDATE – HACKTIVIST CHOOSES DESTRUCTION OVER PROFIT W/ RANSOMWARE AND COLLECTION 1 HACKER IDENTIFIED

June 1, 2020 | 2 Min Read

Pietro, Viktoria, Adam, and Demelza cover this week’s top threat intelligence stories, including a Hacktivist group choosing destruction over profit...
Read Here
Dark Web Digest: Exploring the risk impact of dark web findings, the evolution of forums, and observed trends

Dark Web Digest: Exploring the risk impact of dark web findings, the evolution of forums, and observed trends

May 29, 2020 | 12 Min Read

This week, Digital Shadows hosted a webinar covering dark web trends that we have recently observed, the risk impact associated...
Read Here
3 Phishing Trends Organizations Should Watch Out For

3 Phishing Trends Organizations Should Watch Out For

May 20, 2020 | 16 Min Read

It’s only May, and is it just me, or has this already been the longest decade ever? Cyber-threat actors are...
Read Here
The 2020 Verizon Data Breach Investigations Report: One CISO’s View

The 2020 Verizon Data Breach Investigations Report: One CISO’s View

May 19, 2020 | 6 Min Read

Sadly, Marvel’s Black Widow release date was pushed back as a result of COVID19, but thankfully the 2020 Verizon Data...
Read Here
SHADOWTALK UPDATE – WANNACRY ANNIVERSARY, WORDPRESS PLUGIN VULNERABILITY, AND WELEAKDATA COMPROMISED

SHADOWTALK UPDATE – WANNACRY ANNIVERSARY, WORDPRESS PLUGIN VULNERABILITY, AND WELEAKDATA COMPROMISED

May 18, 2020 | 2 Min Read

The team starts this week’s episode with a retrospective look at WannaCry, discussing some core lessons learned from this ransomware...
Read Here
A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

May 14, 2020 | 10 Min Read

Q1 2020 was packed full of significant global events, including military and geopolitical tensions and the onset of the COVID-19...
Read Here
BitBazaar Market: Deception and Manipulation on the Dark Web

BitBazaar Market: Deception and Manipulation on the Dark Web

May 12, 2020 | 8 Min Read

It’s a BitBazaar that they thought they could deceive us!: A Soap opera featuring dark web forums and marketplaces “When...
Read Here
Contact Tracing: Can ‘Big Tech’ Come to the Rescue, and at What Cost?

Contact Tracing: Can ‘Big Tech’ Come to the Rescue, and at What Cost?

May 11, 2020 | 13 Min Read

Co-authored by: Pratik Sinha MD PhD1,2, Alastair E Paterson3 M.Eng With over 215,000 dead globally and with close to 26...
Read Here
ShadowTalk Update – Competitions On English Forums, Purple Teaming, & Hacker Bribes ‘Roblox’ Insider

ShadowTalk Update – Competitions On English Forums, Purple Teaming, & Hacker Bribes ‘Roblox’ Insider

May 11, 2020 | 2 Min Read

This week Alex chats with Kacey, Charles, and Rick around competitions we’ve been seeing on English-language cybercriminal forums and how...
Read Here
Threat Intelligence Feeds: Why Context is Key

Threat Intelligence Feeds: Why Context is Key

May 7, 2020 | 10 Min Read

Key Takeaways: Choosing which threat intelligence feeds to rely on can be a daunting task: Different feeds provide varying levels...
Read Here
Competitions on English-language cybercriminal forums: A stagnant competition model?

Competitions on English-language cybercriminal forums: A stagnant competition model?

May 5, 2020 | 9 Min Read

Russian-language cybercriminal forums aren’t the only ones to host competitions.  In January 2020, we published a blog about competitions on...
Read Here
ShadowTalk Update – Microsoft Teams ATO Vulnerability, APT32, & Uptick In Ransomware

ShadowTalk Update – Microsoft Teams ATO Vulnerability, APT32, & Uptick In Ransomware

May 1, 2020 | 3 Min Read

Jamie, Adam, and Demelza join Viktoria for this week’s threat intelligence updates. Top stories this week include:– Vulnerability allowed hijacking...
Read Here
Charitable Endeavors on Cybercriminal Forums

Charitable Endeavors on Cybercriminal Forums

April 28, 2020 | 12 Min Read

One heart-warming aspect of modern society is the increased prevalence of charitable endeavors during times of crisis. Philanthropy has loomed...
Read Here
ShadowTalk Update – Maze Ransomware Infiltrates Cognizant, Czech NCISA Warning, And Third Party Risk Assessment

ShadowTalk Update – Maze Ransomware Infiltrates Cognizant, Czech NCISA Warning, And Third Party Risk Assessment

April 27, 2020 | 3 Min Read

Alex, Kacey, Charles, and Harrison host this week’s ShadowTalk for threat intel updates including Maze ransomware updates, a warning of...
Read Here
Nulled: The modern cybercriminal forum to go mobile….?

Nulled: The modern cybercriminal forum to go mobile….?

April 22, 2020 | 9 Min Read

What’s more threatening than the thought of a cybercriminal sitting at their laptop and carefully manipulating their way into your...
Read Here
What ‘The Wire’ can teach us about cybersecurity

What ‘The Wire’ can teach us about cybersecurity

April 21, 2020 | 12 Min Read

In the current era of self-isolation, remote work, and constant tweets offering epidemiological hot takes, now is the perfect time...
Read Here
ShadowTalk Update – SFO Airport Hack, Fin6, And Sodinokibi Switching From Bitcoin To Monero

ShadowTalk Update – SFO Airport Hack, Fin6, And Sodinokibi Switching From Bitcoin To Monero

April 20, 2020 | 2 Min Read

This week we have new ShadowTalk guest joining us from London, Demelza! She joins Viktoria and Jamie for our threat...
Read Here
Zoom Security and Privacy Issues: Week in Review

Zoom Security and Privacy Issues: Week in Review

April 17, 2020 | 10 Min Read

In the last month, you’ve likely been hearing about the video conferencing app Zoom more than ever before. With so...
Read Here
Top Priorities for 3rd party risk assessments

Top Priorities for 3rd party risk assessments

April 16, 2020 | 6 Min Read

If you’re like me, you’re probably tired of hearing about Zoom in the news. Whether it’s for the recent exploits...
Read Here
COVID-19, Remote Working, and The Future of Cyber Security

COVID-19, Remote Working, and The Future of Cyber Security

April 15, 2020 | 6 Min Read

The unprecedented global lockdown in the face of COVID-19 has forced companies worldwide to activate emergency business continuity plans, having...
Read Here
ShadowTalk Update – COVID-19 Third Party App Risks, Zoom, and DarkHotel Hackers

ShadowTalk Update – COVID-19 Third Party App Risks, Zoom, and DarkHotel Hackers

April 13, 2020 | 3 Min Read

Coming to you from Dallas this week – we have Kacey, Harrison, Alex, and Charles. This week the team talks...
Read Here
How to minimize cybersecurity breaches in 2020

How to minimize cybersecurity breaches in 2020

April 8, 2020 | 9 Min Read

Seriously, don’t click back or close – I promise it’s not another one of those “buy all the newest stuff...
Read Here
COVID-19: Risks of Third-Party Apps

COVID-19: Risks of Third-Party Apps

April 7, 2020 | 7 Min Read

As the global community continues to pursue critical details of COVID-19, it is imperative to consider the opportunistic behavior of...
Read Here
ShadowTalk Update – Zoom Zero-Day Vulnerabilities and Fin7 Delivering Malware Via Snail Mail

ShadowTalk Update – Zoom Zero-Day Vulnerabilities and Fin7 Delivering Malware Via Snail Mail

April 6, 2020 | 2 Min Read

Hey all you cool cats and kittens! We’ve got a brand-new threat intel episode for you coming from our virtual podcast studio with Adam, Jamie, and...
Read Here
Recon: Dark web reconnaissance made to look easy

Recon: Dark web reconnaissance made to look easy

April 3, 2020 | 4 Min Read

Just as the rest of us enjoy the ease of obtaining all sorts of products provided by the countless e-commerce...
Read Here
Coronavirus as a double-edged sword for cybercriminals: Desperation or opportunity?

Coronavirus as a double-edged sword for cybercriminals: Desperation or opportunity?

April 2, 2020 | 9 Min Read

The ongoing COVID-19 (aka coronavirus) pandemic is having a highly detrimental effect on most businesses and organizations, yet companies linked...
Read Here
The Digital Risk Underdog: Remediation

The Digital Risk Underdog: Remediation

April 1, 2020 | 4 Min Read

When it comes to evaluating threat intelligence and digital risk solutions, collection has been at the fore of the narrative...
Read Here
COVID-19: Third-party risks to businesses

COVID-19: Third-party risks to businesses

March 31, 2020 | 5 Min Read

As social distancing becomes more prevalent during the COVID-19 (Coronavirus) pandemic, many organizations are moving to a virtual workplace. Organizations...
Read Here
ShadowTalk Update – Remote Worker Threat Model And Cybercrime Updates

ShadowTalk Update – Remote Worker Threat Model And Cybercrime Updates

March 30, 2020 | 2 Min Read

This week the team looks at some Coronavirus threat intel updates including a Threat Model of the Remote Worker and...
Read Here
COVID-19: Companies and Verticals At Risk For Cyber Attacks

COVID-19: Companies and Verticals At Risk For Cyber Attacks

March 26, 2020 | 8 Min Read

  In our recent blog, How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation, Digital Shadows highlighted some...
Read Here
Threat Model of a Remote Worker

Threat Model of a Remote Worker

March 25, 2020 | 7 Min Read

Threat models are an often discussed but sometimes nebulous term that is frequently thrown around within the cyber-security arena. The...
Read Here
Kapusta.World: The fiendish cabbage exemplifying cybercriminal marketing in the modern era

Kapusta.World: The fiendish cabbage exemplifying cybercriminal marketing in the modern era

March 24, 2020 | 8 Min Read

  Over the last few months, the Russian-language cybercriminal landscape has been invaded by cabbages. Or, specifically, one rather friendly-looking...
Read Here
ShadowTalk Update – Slack Vulnerability, Apollon Dark Web Exit Scam, And Online Brand Protection

ShadowTalk Update – Slack Vulnerability, Apollon Dark Web Exit Scam, And Online Brand Protection

March 23, 2020 | 3 Min Read

We’ve got Adam and Jamie joining Viktoria remotely for this week’s ShadowTalk! The London crew chats through the Slack vulnerability...
Read Here
COVID-19: Dark Web Reactions

COVID-19: Dark Web Reactions

March 19, 2020 | 5 Min Read

  Digital Shadows has been researching the cybercriminal response to the COVID-19 outbreak sweeping across the globe. We’ve been monitoring...
Read Here
The Complete Guide to Online Brand Protection

The Complete Guide to Online Brand Protection

March 18, 2020 | 17 Min Read

  I’m not one for cheesy belief statements, but one of Warren Buffet’s, “It takes years to build a reputation...
Read Here
Apollon Dark Web Marketplace: Exit Scams and DDoS Campaigns

Apollon Dark Web Marketplace: Exit Scams and DDoS Campaigns

March 17, 2020 | 8 Min Read

  Imagine logging on to your favorite e-commerce site, finding your favorite author’s newest book for sale, making the purchase,...
Read Here
ShadowTalk Update – Necurs Botnet, SMB Vulnerability, Coronavirus Scams, And Dark Web Updates

ShadowTalk Update – Necurs Botnet, SMB Vulnerability, Coronavirus Scams, And Dark Web Updates

March 16, 2020 | 2 Min Read

  Dallas is packing up the podcast… don’t fret. The team is just moving offices. RIP (rest in podcast). The...
Read Here
How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation

How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation

March 12, 2020 | 9 Min Read

In the wake of large-scale global events, cybercriminals are among the first to attempt to sow discord, spread disinformation, and...
Read Here
Love Where You Work – Near and Far We Celebrate Our Team

Love Where You Work – Near and Far We Celebrate Our Team

March 12, 2020 | 6 Min Read

#LoveWhereYouWork Entering into 2020 felt a bit like a meteor hitting Earth for me (and I think a lot of...
Read Here
How One Cybercriminal Forum is Helping to Address Suicide Awareness

How One Cybercriminal Forum is Helping to Address Suicide Awareness

March 10, 2020 | 4 Min Read

  The world can be a stressful place regardless of circumstance. Yet we do not normally associate mental health awareness...
Read Here
ShadowTalk Update – Banking Trojan Steals Google Authenticator Codes, Ransomware Attacks Epiq, And Tesco Clubcard Fraud

ShadowTalk Update – Banking Trojan Steals Google Authenticator Codes, Ransomware Attacks Epiq, And Tesco Clubcard Fraud

March 9, 2020 | 2 Min Read

Lots of threat intelligence news updates in this week’s ShadowTalk episode with Jamie Collier, Adam Cook, and Viktoria Austin. Top...
Read Here
Dark Web Search Engine Kilos: Tipping the Scales in Favor of Cybercrime

Dark Web Search Engine Kilos: Tipping the Scales in Favor of Cybercrime

March 5, 2020 | 7 Min Read

  With the recent indictment of Larry Harmon, alleged operator of the Bitcoin tumbling service Helix and darknet search engine...
Read Here
Want to Control Your Ever-Changing Perimeter? Focus on Integrations.

Want to Control Your Ever-Changing Perimeter? Focus on Integrations.

March 4, 2020 | 5 Min Read

An ever changing perimeter? Over the past few years we have seen the commercial threat landscape evolve from simply combating...
Read Here
FBI IC3 2019: Cybercrime results in over $3.5 billion in reported losses

FBI IC3 2019: Cybercrime results in over $3.5 billion in reported losses

March 3, 2020 | 8 Min Read

  On February 11th, we were treated to an early surprise: The US Federal Bureau of Investigation (FBI) released its...
Read Here
ShadowTalk Update – Data Breaches, Stalkerware, and Dopplepaymer ransomware

ShadowTalk Update – Data Breaches, Stalkerware, and Dopplepaymer ransomware

March 2, 2020 | 2 Min Read

Coming to you from Dallas this week – we’ve got Charles, Kacey, Harrison, and Alex. First up – 3 data...
Read Here
Mapping MITRE ATT&CK to the Equifax Indictment

Mapping MITRE ATT&CK to the Equifax Indictment

February 24, 2020 | 6 Min Read

  On Monday, February 10th, the United States Department of Justice (DoJ) released a nine-count indictment alleging that four members...
Read Here
ShadowTalk Update – OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research

ShadowTalk Update – OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research

February 24, 2020 | 2 Min Read

Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first – we get a rundown...
Read Here
The Ecosystem of Phishing: From Minnows to Marlins

The Ecosystem of Phishing: From Minnows to Marlins

February 20, 2020 | 31 Min Read

YOU JUST WON $1,000. CLICK HERE TO CLAIM YOUR REWARD!  IMMEDIATE! NEED WIRE DETAILS. Check out this cat doing cat...
Read Here
RSA Conference 2020: CISO Tips for Making the Most of Conference Sessions

RSA Conference 2020: CISO Tips for Making the Most of Conference Sessions

February 19, 2020 | 5 Min Read

  RSA Conference is just days away, and as I have done in the past, I thought I’d suggest a...
Read Here
The evolving story of the Citrix ADC Vulnerability: Ears to the Ground

The evolving story of the Citrix ADC Vulnerability: Ears to the Ground

February 18, 2020 | 4 Min Read

  The dust hasn’t quite settled on the Citrix ADC vulnerability technically known as CVE-2019-19781, and affectionately known as “Sh*&rix”...
Read Here
Cybercriminal Forums on Valentine’s Day – A nice night to “Netflix and steal”…

Cybercriminal Forums on Valentine’s Day – A nice night to “Netflix and steal”…

February 17, 2020 | 6 Min Read

  It’s the night before Valentine’s Day, and it suddenly clicks in your mind that you have totally overlooked one...
Read Here
ShadowTalk Update – OurMine Hacks, Equifax Indictment, and SWIFT POC attack

ShadowTalk Update – OurMine Hacks, Equifax Indictment, and SWIFT POC attack

February 17, 2020 | 2 Min Read

Roses are red, violets are blue, here’s our threat intel podcast, just for you! Kacey, Charles, Alex, and Harrison have...
Read Here
The Devil, the Details, and the Analysis of Competing Hypothesis

The Devil, the Details, and the Analysis of Competing Hypothesis

February 13, 2020 | 5 Min Read

  Digital Shadows’ Photon Research Team recently released a comprehensive examination of the Analysis of Competing Hypothesis (ACH) method, in...
Read Here
ShadowTalk Update – CTI Frameworks, Wawa Breach Updates, APT34, and Coronavirus Phishing Scams

ShadowTalk Update – CTI Frameworks, Wawa Breach Updates, APT34, and Coronavirus Phishing Scams

February 10, 2020 | 3 Min Read

In this week’s episode, Jamie starts by talking about his recent blog, Cyber Threat Intelligence Frameworks, with 5 rules for...
Read Here
The Iowa Caucus: Third-Party Apps Can Be Risky Business

The Iowa Caucus: Third-Party Apps Can Be Risky Business

February 6, 2020 | 7 Min Read

  If you’ve seen HBO’s Silicon Valley, then you’re familiar with the epic fails endured by the Pied Piper team....
Read Here
Red Team Blues: A 10 step security program for Windows Active Directory environments

Red Team Blues: A 10 step security program for Windows Active Directory environments

February 6, 2020 | 9 Min Read

  A fun tweet crossed our path recently, the author asked, “Redteam operators: Which defensive settings have you encountered that...
Read Here
How to Operationalize Threat Intelligence: Actionability and Context

How to Operationalize Threat Intelligence: Actionability and Context

February 5, 2020 | 5 Min Read

  In 1988 the idea of a Computer Emergency Response Team was first introduced at Carnegie Mellon University. Fast-forward through...
Read Here
Dark web travel agencies: Take a trip on the dark side

Dark web travel agencies: Take a trip on the dark side

February 4, 2020 | 11 Min Read

For at least the last two years, an ecosystem of fraud has been perpetrated by cybercriminals against nearly every major...
Read Here
ShadowTalk Update – SANS CTI Summit, Snake Ransomware, CacheOut, and Citrix Vuln Update

ShadowTalk Update – SANS CTI Summit, Snake Ransomware, CacheOut, and Citrix Vuln Update

February 3, 2020 | 3 Min Read

Rick Holland jumps in to kick-off this week’s episode to recap the 2020 SANS CTI Summit with Harrison. Then Harrison,...
Read Here
Competitions on Russian-language cybercriminal forums: Sharing expertise or threat actor showboating?

Competitions on Russian-language cybercriminal forums: Sharing expertise or threat actor showboating?

January 30, 2020 | 9 Min Read

  You might be feeling the pinch at this time of year… The financial demands of Christmas have taken their...
Read Here
Cyber Threat Intelligence Frameworks: 5 Rules for Integrating These Frameworks

Cyber Threat Intelligence Frameworks: 5 Rules for Integrating These Frameworks

January 29, 2020 | 7 Min Read

  As the cyber threat intelligence (CTI) industry continues to grow, so does the discipline’s thinking tools. Whether your intelligence...
Read Here
SANS Cyber Threat Intelligence Summit 2020: A Recap

SANS Cyber Threat Intelligence Summit 2020: A Recap

January 28, 2020 | 9 Min Read

  Last week I attended the eighth annual SANS Cyber Threat Intelligence Summit in Crystal City, Virginia. I want to...
Read Here
ShadowTalk Update – Citrix Vulnerability, Microsoft Data Breach, and Telnet Credentials Published

ShadowTalk Update – Citrix Vulnerability, Microsoft Data Breach, and Telnet Credentials Published

January 27, 2020 | 3 Min Read

Following on from last week, Citrix released a first set of patches to fix a vulnerability (CVE-2019 -19781) affecting the...
Read Here
How Digital Shadows Helped Find and Remediate an Exposed Admin Password on Github

How Digital Shadows Helped Find and Remediate an Exposed Admin Password on Github

January 23, 2020 | 5 Min Read

  I often get asked to share examples of the types of alerts we send to clients. I work on...
Read Here
Inside Digital Shadows: Davitt Potter Joins as Director of MSSP and Channels in the Americas

Inside Digital Shadows: Davitt Potter Joins as Director of MSSP and Channels in the Americas

January 22, 2020 | 5 Min Read

  I’ve spent over 25 years now in the channel supporting enterprise IT in some form or fashion.  After a...
Read Here
How the Cybercriminal Underground Mirrors the Real World

How the Cybercriminal Underground Mirrors the Real World

January 21, 2020 | 7 Min Read

Mirror, Mirror, on the wall. Who’s the best cybercriminal of them all? The terms cybercriminal and hacker often conjure up...
Read Here
ShadowTalk Update – NSA Vulnerability Disclosure, Ransomware News, and Iran Updates

ShadowTalk Update – NSA Vulnerability Disclosure, Ransomware News, and Iran Updates

January 20, 2020 | 3 Min Read

Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the...
Read Here
Third Party Risk: 4 ways to manage your security ecosystem

Third Party Risk: 4 ways to manage your security ecosystem

January 16, 2020 | 5 Min Read

  The digital economy has multiplied the number of suppliers that organizations work and interact with. Using a supplier can...
Read Here
NSA Vulnerability Disclosure: Pros and Cons

NSA Vulnerability Disclosure: Pros and Cons

January 15, 2020 | 5 Min Read

  On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix...
Read Here
CVE-2019-19781: Analyzing the Exploit

CVE-2019-19781: Analyzing the Exploit

January 14, 2020 | 4 Min Read

  On December 17th 2019, CVE-2019-19781 was disclosed. The vulnerability allows for directory traversal and remote code execution on Citrix...
Read Here
Cryptonite: Ransomware’s answer to Superman…

Cryptonite: Ransomware’s answer to Superman…

January 14, 2020 | 4 Min Read

  Update: It appears that the Cryptonite website is no longer active, such is the rapidly changing nature of cybercrime....
Read Here
Iran and the United States – start of the long war or return to normal?

Iran and the United States – start of the long war or return to normal?

January 13, 2020 | 9 Min Read

  On 03 Jan 2020, the United States conducted a targeted killing of Major General Qasem Soleimani, commander of the...
Read Here
ShadowTalk Update – Iranian Cyber Threats, Travelex Ransomware Attack, and Exploit Forum updates

ShadowTalk Update – Iranian Cyber Threats, Travelex Ransomware Attack, and Exploit Forum updates

January 10, 2020 | 3 Min Read

We’re back with our weekly ShadowTalk episodes! Viktoria hosts this week and introduces the episode bringing Sammy on to provide...
Read Here
Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

January 7, 2020 | 6 Min Read

  With the recent news of Qasem Soleimani on Friday 3rd January 2020, many organizations have been reviewing their security...
Read Here
Iran and Soleimani: Monitoring the Situation

Iran and Soleimani: Monitoring the Situation

January 7, 2020 | 9 Min Read

*This blog has been updated as of Jan 9, 2020.  Welcome to 2020. Have a good holiday? Back to work...
Read Here
Iranian Cyber Threats: Practical Advice for Security Professionals

Iranian Cyber Threats: Practical Advice for Security Professionals

January 6, 2020 | 8 Min Read

Unless you went very dark for an extended holiday break, you are no doubt very well aware of the United...
Read Here
ShadowTalk Update – Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, and 2020 Predictions

ShadowTalk Update – Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, and 2020 Predictions

December 23, 2019 | 3 Min Read

CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers:...
Read Here
Top Security Blogs of 2019 from Digital Shadows

Top Security Blogs of 2019 from Digital Shadows

December 20, 2019 | 4 Min Read

  As we approach the end of 2019, we wanted to share some of the most popular security trends and...
Read Here
The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

December 18, 2019 | 9 Min Read

In the world of “what could have been,” the cybercriminal marketplace market[.]ms would be a leader in the cybercriminal underground....
Read Here
2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

December 18, 2019 | 10 Min Read

  If all the holiday fuss isn’t reminder enough, 2020 is almost upon us. 2019 was an unusual year in...
Read Here
Forums are Forever – Part 3: From Runet with Love

Forums are Forever – Part 3: From Runet with Love

December 17, 2019 | 24 Min Read

  The rise of alternative technologies hasn’t spelled the end of forums, which seem to be prospering against all odds....
Read Here
ShadowTalk Update – Tochka Dark Web Market Offline, Market.ms Closes, and Data Leakage Stories

ShadowTalk Update – Tochka Dark Web Market Offline, Market.ms Closes, and Data Leakage Stories

December 16, 2019 | 3 Min Read

Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have...
Read Here
Threat Intelligence: A Deep Dive

Threat Intelligence: A Deep Dive

December 12, 2019 | 21 Min Read

Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a threat...
Read Here
Forums are Forever – Part 2: Shaken, but not Stirred

Forums are Forever – Part 2: Shaken, but not Stirred

December 10, 2019 | 5 Min Read

  Cybercriminal forums continue to thrive despite law-enforcement takedowns and the emergence of more efficient and secure alternatives. Digital Shadows...
Read Here
ShadowTalk Update – Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown on RAT Spyware

ShadowTalk Update – Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown on RAT Spyware

December 9, 2019 | 3 Min Read

Viktoria invites Stewart Bertram to kick-off this week’s episode around new cybercrime research we put out on the Modern Cybercriminal...
Read Here
A Threat Intelligence Analyst’s Guide to Today’s Sources of Bias

A Threat Intelligence Analyst’s Guide to Today’s Sources of Bias

December 5, 2019 | 9 Min Read

  In an industry prone to going overboard with fear-based marketing, the cyber threat intelligence (CTI) community has a refreshing...
Read Here
Forums are Forever – Part 1: Cybercrime Never Dies

Forums are Forever – Part 1: Cybercrime Never Dies

December 4, 2019 | 10 Min Read

If one could predict the future back in the late 1990s when the first cybercriminal web forums emerged, few would...
Read Here