All Posts

Show
SearchLight’s Biggest Ever Update: New Ways to Discover, Contextualize, and Prioritize Digital Risks
July 23, 2019 read more

Emerging Markets: Online Extortion Matures via DDoS Attacks

November 9, 2015

Unlike scenes from books or movies where shadowy figures hold manila envelopes containing information or photographs pertaining to an unsuspecting …

read more

Crackas With Attitude strike again?

October 28, 2015

Last week, the New York Post reported that hackers had compromised the personal email address of CIA Director, John Brennan. …

read more

TalkTalk: Avoiding The Hype

October 28, 2015

There has been no shortage of media coverage on the recent TalkTalk cyber attack.  The full implications of the attack …

read more

Smilex: Dangers of Poor OpSec

October 27, 2015

Background On 13 Oct 2015, it was revealed in an indictment on the US department of Justice website that Dridex …

read more

Online Carding

October 7, 2015

There is no shortage of credit card information being sold online. In the past six months alone, our spider (which covers I2P …

read more

How the Internet of Things (IoT) is Expanding Your Digital Shadow

September 9, 2015

The Internet of Things (IoT) is a development that is the direct result of objects, technology, people that have been …

read more

The Intelligence Cycle – What Is It Good For?

September 9, 2015

It seems that the concept of ‘intelligence’ is a problem. The definition isn’t agreed, and the industry is peppered with …

read more

OPSEC and Trust In An Underground Cybercriminal Forum

September 9, 2015

Introduction There are perhaps tens of thousands of forums and sites in the visible and dark webs dedicated to criminal …

read more

Digital Shadows Invited To 10 Downing Street

September 8, 2015

Interest in London’s burgeoning tech industry is growing so rapidly that even David Cameron has taken notice; at Pitch10, an event at 10 Downing Street to be held on Thursday 31st July, ten of the most promising digital companies in Britain will pitch their businesses to an audience that includes Cameron himself.

read more

Working In Multilingual Sources

September 8, 2015

This post will be about some of the challenges you are likely to face trying to handle data in different languages and how to deal with them. Most of our code is in Java so the examples here will all be written in Java

read more

The Intelligence Trinity

September 8, 2015

For several years now there has been considerable hype and hubris around the term ‘intelligence’ within the cyber security industry. It feels as if the term has been diluted as its usage has extended to include vendors dealing in a range of issues from bad IPs and Indicators of Compromise, to tip-offs that hacktivist groups are targeting particular sectors and the activities of APT groups, and everything in-between.

read more

Source Evaluation

September 8, 2015

To organisations, threat intelligence is about understanding the threat landscape – the various actors and campaigns which conduct cyber attacks – so that when they are specifically targeted it can be detected, mitigation put in place, and the risk to their business reduced. Robust source evaluation minimises the chance of crying wolf, or warning of the wrong threat entirely.

read more

Digital Shadows joins roundtable at 10 Downing Street

September 8, 2015

Alastair Paterson, CEO of Digital Shadows, recently visited 10 Downing Street to participate in a roundtable on cyber security. The session brought together leaders from industry, academia and government and sought to address the challenges surrounding cyber security policy.

read more

Remote working at Digital Shadows

September 8, 2015

Here at Digital Shadows we’ve worked hard to assemble the most dedicated and talented development team possible and that has resulted in our team being concentrated here in London, but including members both further afield in the UK and internationally. This means that we’ve had to learn how to work with a distributed team and this post will cover our experiences and some of the utilities we’re making use of to work as efficiently as possible.

read more

Analytical Tradecraft at Digital Shadows

September 8, 2015

This week my colleague and I attended the SANS Cyber Threat Intelligence conference in Washington DC. It was great to hear more from analysts and CTI users from across the community, as well as mingle with the plethora of vendors who were present. This blog explores some of the themes which arose from discussions on analytical tradecraft.

read more

Digital Shadows Works Alongside Bank of England To Develop New Testing Framework To Help Guard UK Financial Sector Against Cyber Attack

September 8, 2015

CBEST aims to improve the understanding of the types of cyber-attack that could undermine financial stability in the UK, and …

read more

The Dangers of Groupthink

September 7, 2015

Over the next few blog posts we’ll be looking at various types of cognitive bias and suggest ways of dealing with them.

read more

The Dangers of Groupthink: Part 2

September 7, 2015

This post moves on to the second cause of groupthink and tries to understand how organizational structural faults may result in manifestations of groupthink.

read more

The Adult Friend Finder Breach: A Recap

September 7, 2015

Last week, news quickly spread about a security breach that impacted the casual dating website Adult Friend Finder. Will Gragido. Head of Threat Intelligence for Digital Shadows in the USA, shares his findings.

read more

Saudi Arabia MOFA Breach

September 7, 2015

A look at the recent MOFA breach.

read more

Emerging Markets & Services: Ransomware-as-a-Service

September 7, 2015

A look at emerging markets and services, specifically at  ransomeware-as-a-service.

read more

Kaspersky Labs Discloses Duqu 2.0 Attack

September 7, 2015

Introduction Today social media channels the world over are a buzz with news of Kaspersky Labs disclosure of the discovery …

read more

Digital Shadows Integrates With Maltego Through Partnership With Malformity Labs

September 7, 2015

The need for organizations to focus on their risk exposure is growing daily, and their ability to establish a clear …

read more

What’s In a Name? The Mystery Surrounding the Identity of the Actors Responsible for the Saudi Arabia Breaches

September 7, 2015

Introduction Recently we wrote about the initial breach of the Ministry of Foreign Affairs of the Kingdom of Saudi Arabia …

read more

Online Extortion – Old Ways, New Tricks

September 7, 2015

Extortion is nothing new for organised crime. For centuries, gangs have been operating protection rackets and kidnappings to successfully extract ransom money from their victims. And as with many things in modern life, these old techniques have been successfully brought over to the cyber realm.

read more