All Posts

Digital Shadows Opens New State of the Art London Office in Canary Wharf
April 26, 2018 read more

Shadow Talk Update – 05.21.2018

May 21, 2018

In this week’s episode of Shadow Talk, Digital Shadows’ Head of Security Engineering, Dr Richard Gold, joins the pod to …

read more

Patch Priorities: 10 Vulnerabilities You Should Pay Attention To

May 17, 2018

Not all vulnerabilities are created equal, and those that have been exploited by threat actors carry more weight. Last month, …

read more

Digital Shadows 7th Anniversary – A Look Back

May 16, 2018

Today marks the 7th anniversary of Digital Shadows. As James and I looked back on the year, we were amazed …

read more

Shadow Talk Update – 05.14.2018

May 14, 2018

In this week’s episode Shadow Talk we look at the Winnti Umbrella group, asking what this means for organizations. We …

read more

Offsetting Dunbar by Developing Diversity

May 8, 2018

Some of you may be familiar with the Dunbar Number, 150, being the maximum amount of relationships one individual can …

read more

Shadow Talk Update – 05.07.2018

May 7, 2018

In this week’s episode Shadow Talk, it’s a vulnerability extravaganza. We cover malicious use of legitimate software, as APT28 is …

read more

The Other Side of the Counter: DDoS, Social Engineering, Spambots and Insider Risks to Criminal Locations

May 2, 2018

An enduring characteristic of dark web marketplaces is how frequently they’re offline, often through denial of services attacks. While marketplace …

read more

Shadow Talk Update – 04.30.2018

April 30, 2018

In this week’s episode of Shadow Talk, we cover the targeting of healthcare organizations by Orangeworm, BGP hijacking, vulnerabilities in …

read more

Keys to the Kingdom: Exposed Security Assessments

April 24, 2018

Organizations employ external consultants and suppliers to perform assessments and penetration tests that help to bolster their overall internal security. …

read more

Shadow Talk Update – 04.23.2018

April 23, 2018

This week’s Shadow Talk discusses Russia’s attempts to ban the social messaging app, and also read between the lines of the joint US …

read more

Out In The Open: Corporate Secrets Exposed Through Misconfigured Services

April 18, 2018

For organizations dealing with proprietary information or assets, one of the greatest concerns is the threat of competitors getting hold …

read more

When There’s No Need to Hack: Exposed Personal Information

April 17, 2018

With Equifax‘s breach of 145 million records still fresh in everyone’s memory and the recent Facebook data privacy controversy, protecting personal …

read more

Shadow Talk Update – 04.16.2018

April 16, 2018

This week’s Shadow Talk discusses a Cisco Smart Install Client flaw exploited in disruption attack, an information leak vulnerability discovered …

read more

Escalation in Cyberspace: Not as Deniable as We All Seem to Think?

April 12, 2018

The recent assassination attempt on former Russian spy Sergey Skripal has led to a deluge of cyber-based conspiracy theories within …

read more

Leveraging the 2018 Verizon Data Breach Investigations Report

April 10, 2018

Today, the 11th edition of the Verizon Data Breach Investigations Report (DBIR) has been released. This year’s report includes 53,308 …

read more

Introducing Shadow Search – Quickly enable deeper research and investigation

April 10, 2018

All enterprises face key challenges in their quest to protect their organization from cyber threats. One challenge I hear consistently …

read more

Shadow Talk Update – 04.09.2018

April 9, 2018

Back from the Easter break, this week’s Shadow Talk discusses what the re-emergence of WannaCry, exposure of Aggregate IQ data, …

read more

One CISO’s Recommendations for Making the Most of RSA Conference Sessions

April 9, 2018

Last week, Enterprise Strategy Group (ESG) principal analyst, Jon Oltsik, wrote an article for CSO titled: “RSA Conference: CISOs’ top …

read more

When Sharing Is Not Caring: Over 1.5 Billion Files Exposed Through Misconfigured Services

April 5, 2018

Our recent report “Too Much Information”, discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, …

read more

Genesis Botnet: The Market Claiming to Sell Bots That Bypass Fingerprinting Controls

April 3, 2018

An emerging criminal market, Genesis store, provides more effective ways to impersonate a victim’s browser activity, focusing on individual bots …

read more

RSA Conference 2018 – Digital Shadows

March 28, 2018

RSA Conference is almost here! This year’s conference theme is “Now Matters,” looking at the quick impact threats can have …

read more

The Five Families: The Most Wanted Ransomware Groups

March 27, 2018

Last week we presented a webinar on “Emerging Ransomware Threats and How to Protect Your Data”. Here we discussed the latest …

read more

Shadow Talk Update – 03.26.2018

March 26, 2018

This week’s Shadow Talk discusses what the Cambridge Analytica revelations mean for disinformation and personal privacy, updates to Trickbot, Zeus …

read more

Pop-up Twitter Bots: The Shift to Opportunistic Targeting

March 22, 2018

Since the furor surrounding Russia’s alleged use of Twitter bots to influence the 2016 presidential election in the United States, …

read more

Cyber Security as Public Health

March 21, 2018

Public health, one of the great 20th century ideas, has many instructive lessons for cyber security in the 21st. Let’s …

read more

Shadow Talk Update – 03.19.2018

March 19, 2018

This week’s Shadow Talk features the latest techniques in tax return fraud, claimed vulnerabilities in AMD chips, Slingshot malware targeting Mikrotik …

read more

Anonymous and the New Face of Hacktivism: What to Look Out For in 2018

March 13, 2018

The Anonymous collective has been the face of activism since 2008. Since then, the group’s membership, operations, and structure have …

read more

Shadow Talk Update – 03.12.2018

March 12, 2018

This week’s Shadow Talk features more distributed denial of service (DDoS) attacks using Memcached servers, how disinformation is more than …

read more

Ransomware in 2018: 4 Things to Look Out For

March 8, 2018

Ransomware remains an active threat for organizations into 2018. Last year, large scale attacks like NotPetya and WCry wreaked havoc, …

read more

Pressing For Progress This International Women’s Day

March 8, 2018

“Do you think you’re going to be able to handle working with all these men?” One of the few questions …

read more

It’s Accrual World: Tax Return Fraud in 2018

March 7, 2018

With just over a month until Tax Deadline Day, individuals are scrambling to get their tax returns submitted. This is …

read more

Shadow Talk Update – 03.05.2018

March 5, 2018

On this week’s Shadow Talk podcast, the Research Team cover CVE-2018-4878 being used in a spam campaign, the HTTPS certificate …

read more

The New Frontier: Forecasting Cryptocurrency Fraud

March 1, 2018

Not a week goes by without a new case of cryptocurrency fraud making headlines. The most recent example concerned the …

read more

Protecting Your Brand: Return on Investment

February 27, 2018

Last week I was joined by Brett Millar, Director of Global Brand Protection for Fitbit, for a webinar on “Protecting …

read more

Shadow Talk Update – 02.26.2018

February 26, 2018

In this week’s podcast, the Digital Shadows Research Team discuss attacks against banks using the SWIFT network, business email compromise …

read more

Threats to the Upcoming Italian Elections

February 22, 2018

On 5 March Italian citizens will vanno alle urne to vote in a general election, following the dissolution of the …

read more

Prioritize to Avoid Security Nihilism

February 20, 2018

In many situations associated with cyber security, in particular defending an organization, it is easy to get overwhelmed with not …

read more

Shadow Talk Update – 02.19.2018

February 19, 2018

In this week’s Shadow Talk podcast, the Digital Shadows Research Team analyses new activity from the Lazarus Group, attacks on …

read more

Infraud Forum Indictment and Arrests: What it Means

February 15, 2018

On 07 February 2018, the U.S. Department of Justice unveiled an indictment from 31 October 2017 against 36 individuals associated …

read more

Cryptojacking: An Overview

February 13, 2018

What is Cryptojacking? Cryptojacking is the process of hijacking someone else’s browser to mine cryptocurrencies with their computer processing power. …

read more

Shadow Talk Update – 12.02.2018

February 12, 2018

With the 2018 Winter Games beginning this week, the Digital Shadows Research Team focused on threats to those traveling to …

read more

2017 Android malware in review: 4 key takeaways

February 8, 2018

Android mobile devices were an attractive target for malicious activity throughout 2017. The ubiquity of these devices, and the sensitive …

read more

Phishing for Gold: Threats to the 2018 Winter Games

February 6, 2018

Digital Shadows has been monitoring major sporting events since 2014, beginning with the Winter Olympics in Sochi, Russia, and then …

read more

Shadow Talk Update – 02.05.2018

February 5, 2018

In this week’s podcast episode of Shadow Talk, the Digital Shadows Research Team covered a range of activity. Here’s a quick …

read more

Four Ways Criminals Are Exploiting Interest in Initial Coin Offerings

February 1, 2018

Initial Coin Offerings (ICOs) are a way of crowdfunding cryptocurrencies and cryptocurrency platforms. By the end of 2017, almost $4 …

read more

Why Marketing Leaders Must Take Action To Manage Digital Risk And Protect Their Brand

January 30, 2018

I am one of you. I have been in the marketing field for more than 20 years and have seen …

read more

Shadow Talk Update – 01.29.2018

January 29, 2018

In this week’s Shadow Talk podcast episode, the Digital Shadows Research Team covered a range of activity. Here’s a quick …

read more

Data Privacy Day: 8 Key Recommendations for GDPR Readiness

January 26, 2018

This Sunday is Data Privacy Day, “an international effort held annually on January 28th to create awareness about the importance …

read more

Don’t Rely on One Star to Manage Digital Risk, The Key is Total Coverage

January 16, 2018

This post originally appeared on  Vince Lombardi, one of the greatest coaches of all time said, “The achievements of …

read more

Another Year Wiser: Key Dates to Look Out For In 2018

January 10, 2018

Early last year, we published a blog outlining the events of 2017 that were most likely to attract the attention …

read more