All Posts

How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation

March 12, 2020

Red Team Blues: A 10 step security program for Windows Active Directory environments

February 6, 2020

  A fun tweet crossed our path recently, the author asked, “Redteam operators: Which defensive settings have you encountered that …


How to Operationalize Threat Intelligence: Actionability and Context

February 5, 2020

  In 1988 the idea of a Computer Emergency Response Team was first introduced at Carnegie Mellon University. Fast-forward through …


Dark web travel agencies: Take a trip on the dark side

February 4, 2020

  For at least the last two years, an ecosystem of fraud has been perpetrated by cybercriminals against nearly every …


ShadowTalk Update – SANS CTI Summit, Snake Ransomware, CacheOut, and Citrix Vuln Update

February 3, 2020

Rick Holland jumps in to kick-off this week’s episode to recap the 2020 SANS CTI Summit with Harrison. Then Harrison, …


Competitions on Russian-language cybercriminal forums: Sharing expertise or threat actor showboating?

January 30, 2020

  You might be feeling the pinch at this time of year… The financial demands of Christmas have taken their …


Cyber Threat Intelligence Frameworks: 5 Rules for Integrating These Frameworks

January 29, 2020

  As the cyber threat intelligence (CTI) industry continues to grow, so does the discipline’s thinking tools. Whether your intelligence …


SANS Cyber Threat Intelligence Summit 2020: A Recap

January 28, 2020

  Last week I attended the eighth annual SANS Cyber Threat Intelligence Summit in Crystal City, Virginia. I want to …


ShadowTalk Update – Citrix Vulnerability, Microsoft Data Breach, and Telnet Credentials Published

January 27, 2020

Following on from last week, Citrix released a first set of patches to fix a vulnerability (CVE-2019-19781) affecting the …


How Digital Shadows Helped Find and Remediate an Exposed Admin Password on Github

January 23, 2020

  I often get asked to share examples of the types of alerts we send to clients. I work on …


Inside Digital Shadows: Davitt Potter Joins as Director of MSSP and Channels in the Americas

January 22, 2020

  I’ve spent over 25 years now in the channel supporting enterprise IT in some form or fashion. After a …


How the Cybercriminal Underground Mirrors the Real World

January 21, 2020

Mirror, Mirror, on the wall. Who’s the best cybercriminal of them all? The terms cybercriminal and hacker often conjure up …


ShadowTalk Update – NSA Vulnerability Disclosure, Ransomware News, and Iran Updates

January 20, 2020

Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the …


Third Party Risk: 4 ways to manage your security ecosystem

January 16, 2020

  The digital economy has multiplied the number of suppliers that organizations work and interact with. Using a supplier can …


NSA Vulnerability Disclosure: Pros and Cons

January 15, 2020

  On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix …


CVE-2019-19781: Analyzing the Exploit

January 14, 2020

  On December 17th 2019, CVE-2019-19781 was disclosed. The vulnerability allows for directory traversal and remote code execution on Citrix …


Cryptonite: Ransomware’s answer to Superman…

January 14, 2020

  Update: It appears that the Cryptonite website is no longer active, such is the rapidly changing nature of cybercrime. …


Iran and the United States – start of the long war or return to normal?

January 13, 2020

  On 03 Jan 2020, the United States conducted a targeted killing of Major General Qasem Soleimani, commander of the …


ShadowTalk Update – Iranian Cyber Threats, Travelex Ransomware Attack, and Exploit Forum updates

January 10, 2020

We’re back with our weekly ShadowTalk episodes! Viktoria hosts this week and introduces the episode bringing Sammy on to provide …


Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

January 7, 2020

  With the recent news of Qasem Soleimani on Friday 3rd January 2020, many organizations have been reviewing their security …


Iran and Soleimani: Monitoring the Situation

January 7, 2020

*This blog has been updated as of Jan 9, 2020. Welcome to 2020. Have a good holiday? Back to work …


Iranian Cyber Threats: Practical Advice for Security Professionals

January 6, 2020

Unless you went very dark for an extended holiday break, you are no doubt very well aware of the United …


ShadowTalk Update – Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, and 2020 Predictions

December 23, 2019

CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers: …


Top Security Blogs of 2019 from Digital Shadows

December 20, 2019

  As we approach the end of 2019, we wanted to share some of the most popular security trends and …


The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

December 18, 2019

In the world of “what could have been,” the cybercriminal marketplace market[.]ms would be a leader in the cybercriminal underground. …


2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

December 18, 2019

  If all the holiday fuss isn’t reminder enough, 2020 is almost upon us. 2019 was an unusual year in …
