All Posts

Show
SearchLight’s Biggest Ever Update: New Ways to Discover, Contextualize, and Prioritize Digital Risks
July 23, 2019 read more

ShadowTalk Update – Nightmare Market in Disarray and SEC Investigation into Data Leak at First American Financial Corp

August 16, 2019

Harrison is back! Alex and Christian join this week to discuss how Black Hat and DEFCON went last week, analyze …

read more

Fresh blow for dark web markets: Nightmare market in disarray

August 13, 2019

Over the past three weeks, Digital Shadows has observed another popular dark web criminal market – Nightmare – experience several …

read more

Recon Village: Panning for gold

August 1, 2019

Richard will be presenting ‘Asset Discovery: Making Sense of the Ocean of OSINT’ at 13.50 on 9th August 2019 in …

read more

Capital One Breach: What we know and what you can do

July 31, 2019

Monday blues. It’s a thing. It’s when you start the week feeling moody because your weekend is over. The feeling …

read more

The Account Takeover Kill Chain: A Five Step Analysis

July 30, 2019

It’s no secret that credential exposure is a growing problem. Take a look at Troy Hunt’s https://www.haveibeenpwned.com – a tool …

read more

ShadowTalk Update – More BlueKeep updates, FSB contractor hacked, and the Enigma Market

July 29, 2019

Christian and Travis sit down with Harrison to discuss even more BlueKeep updates since last week, as a technical presentation gets uploaded to …

read more

Surviving and Thriving at Blackhat and DEF CON Summer Camp 2019

July 24, 2019

With BSides, Black Hat and DEF CON (aka Security Summer Camp) fast approaching, I thought I’d do a quick blog …

read more

A Growing Enigma: New AVC on the Block

July 19, 2019

This week, in a ground breaking announcement, the Bank of England named Alan Turing the new face of the £50 …

read more

ShadowTalk Update – Marriott Faces GDPR Fines, TA505 Global Attacks, Zoom 0-Day, and New Magecart Activity

July 12, 2019

Kacey and Alex join Harrison to walk through this week’s threat intelligence stories. Alex walks us through the highlight story this …

read more

Harnessing Exposed Data to Enhance Cyber Intelligence

July 11, 2019

Register for our upcoming webinar “Harnessing Exposed Data to Enhance Cyber Intelligence” with Harrison Van Riper and Michael Marriott to …

read more

Welcoming NAB Ventures & Scaling SearchLight for Growth

July 9, 2019

Today is an exciting day for Digital Shadows. Earlier this morning, we announced a $10m focused investment to scale our …

read more

Extortion, Sale, Reconnaissance, & Impersonation: 4 Ways Your Digital Footprint Enables Attackers

July 2, 2019

Whether it’s intellectual property, proprietary code, personal data, or financial information, the goal of information security is to protect those …

read more

ShadowTalk Update – Operation Soft Cell, Libra Cryptocurrency Impersonations, and New Cyber Espionage Activity

June 28, 2019

This week Alex and Phil join Harrison to discuss Operation Soft Cell, a campaign that has been actively compromising telecommunications …

read more

Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor

June 27, 2019

The announcements of Facebook’s new cryptocurrency “Libra” and its associated digital wallet “Calibra” have conjured up discussion, debate, criticism, and …

read more

ShadowTalk Update – Google Calendar Phishing, Exim Email Server Vulnerability, and Diversity in Cybersecurity

June 24, 2019

This week Alex and Jamie chat with Harrison on a cyber-threat campaign involving the abuse of legitimate features in Google …

read more

Leaky SMB File Shares – So Many Bytes!

June 19, 2019

Everyone loves a sequel. If you’re an avid Marvel fan, you’re probably sitting on the edge of your seat waiting …

read more

Managing Digital Risk: 4 Steps to Take

June 18, 2019

Organizations are finding it increasingly difficult to know where their data is stored and shared in today’s technology-forward, connected world. …

read more

ShadowTalk Update – XMRig Cryptocurrency Mining, FIN8 Backdoor, and Attacks Against Office 365

June 17, 2019

This week Harrison is joined by Travis and Alec to discuss the security stories of the week including a fileless malware …

read more

Managing Infosec Burnout: The Hidden Perpetrator

June 10, 2019

The secret of the burnout epidemic lies in how we feel about our stress, not the things that stress us …

read more

ShadowTalk Update – “HiddenWasp” and “BlackSquid” malware, TA505 and Turla actvity, and Too Much Information:The Sequel

June 7, 2019

Alex and Christian join HVR this week to discuss the Linux malware “HiddenWasp” (along with HVR’s hatred of the insect), …

read more

2.3 billion files exposed across online file storage technologies

May 30, 2019

2.3 billion is a massive number. It’s hard even to wrap your head around; what do I have 2.3 billion …

read more

BlueKeep: Cutting through the hype to prepare your organization

May 24, 2019

Over the last week we have all been tuning into our news feeds and listening to the security folks chatting …

read more

Automating 2FA phishing and post-phishing looting with Muraena and Necrobrowser

May 21, 2019

Phishing remains one of the most pervasive threats to enterprise, the simple but effective technique of tricking unassuming users into …

read more

Partnering with SecureLink to help organizations minimize their digital risk

May 15, 2019

Today we announced that SecureLink, one of Europe’s most respected independent cybersecurity and managed service providers, has partnered with Digital …

read more

Mapping Iran’s Rana Institute to MITRE Pre-ATT&CK™ and ATT&CK™

May 15, 2019

The internet has been aflame with discussions around three leaks of internal information from APT groups attributed with the Islamic …

read more

Cyber Talent Gap: How to Do More With Less

May 14, 2019

The challenge facing us today is twofold: not only is the digital footprint of the organizations we want to protect …

read more

ShadowTalk Update – 5.06.19

May 13, 2019

Kacey and Alex join HVR this week to talk through the key stories this week including a new threat group …

read more

Enabling Soi Dog’s Digital Transformation: A Case Study

May 8, 2019

At the beginning of this year I was introduced to Spencer Hardy, the IT manager for an animal charity called …

read more

Announcing Digital Shadows’ ISO27001 certification

May 7, 2019

I’m pleased to announce that Digital Shadows has recently achieved an important compliance milestone for our customers. After a concerted …

read more

ShadowTalk Update – 5.06.19

May 6, 2019

Phil and newcomer Benjamin Newman join Harrison for another edition of the Weekly Intelligence Summary. The guys cover two distinct …

read more

ShadowTalk Update – 4.29.19

April 29, 2019

Jamie and Alex are back with Harrison this week to talk about the leak of information related to APT34 on …

read more

FBI IC3: Cybercrime Surges in 2018, Causing $2.7 Billion in Losses

April 23, 2019

This week, the Federal Bureau of Investigation released its 2018 Internet Crime Complaints Center (IC3). In 2018, the IC3 responded …

read more

ShadowTalk Update – 4.22.19

April 22, 2019

This week the team discusses an unidentified threat actor that has obtained data from various personal Outlook, MSN, and Hotmail …

read more

ShadowTalk Update – 4.15.19

April 15, 2019

Christian and Jamie join Harrison for another week of ShadowTalk to discuss the FIN6 threat actor reportedly widening its range …

read more

Reducing your attack surface

April 9, 2019

What is an attack surface According to OWASP, an attack surface “describes all of the different points where an attacker could …

read more

ShadowTalk Update – 4.8.19

April 8, 2019

Jamie, Alex and Zuko sit down with Harrison to talk about a story that flew a little under the radar …

read more

Easing into the extortion game

April 3, 2019

One of the main ideas which flowed through Photon’s most recent research report, A Tale of Epic Extortions, was that cyber …

read more

Predator: Modeling the attacker’s mindset

April 2, 2019

Author: Richard Gold  The phrases “attacker’s mindset” or “think like an attacker” are often used in cyber security to encourage …

read more

Making Some Noise in the Channel

April 1, 2019

Digital Shadows Channel REV Partner Program shifts into 5th gear and earns the CRN 5-Star Partner Program Guide Award It’s …

read more

ShadowTalk Update – 4.1.19

March 29, 2019

Christian and Jamie sit down with Harrison to talk about the compromised Asus server used to distribute backdoor malware to …

read more

Cyber Risks and High-frequency Trading: Conversation with an Insider

March 26, 2019

Research from the Carnegie Endowment for International Peace published this week focused the attention on how financial systems around the …

read more

ShadowTalk Update – 3.25.19

March 25, 2019

Harrison chats with Jamie and Alex this week on an attack on Norwegian aluminum and renewable-energy company Norsk Hydro ASA. …

read more

Dark Web Typosquatting: Scammers v. Tor

March 21, 2019

Time and time again, we see how the cybercriminal ecosystem often mirrors what happens in the business world. This can …

read more

How to Secure Your Online Brand

March 20, 2019

What is online brand security? As we outlined in our Practical Guide to Reducing Digital Risk, the integrity of brand …

read more

ShadowTalk Update – 3.18.19

March 18, 2019

Harrison sits down with Rose and Christian for a quick chat about APT40 targeting educational maritime research, as well as …

read more

Detecting Exposed Company Data: The What, Why, and How

March 12, 2019

What is data loss detection? A fundamental responsibility for any IT security professional is to secure their information assets, be …

read more

ShadowTalk Update – 3.11.19

March 11, 2019

This week Jamie and Alex join Harrison to look at Fin6, who has begun regularly targeting card-not-present data on e-commerce …

read more

Purple Teaming with Vectr, Cobalt Strike, and MITRE ATT&CK™

March 6, 2019

Authors: Simon Hall, Isidoros Monogioudis   Here at Digital Shadows we perform regular purple team exercises to continually challenge and …

read more

ShadowTalk Update – 3.04.19

March 4, 2019

This week Rose and Phil join Harrison to discuss a three-stage cryptocurrency mining attack using Mimikatz and Radmin in tandem. …

read more

Don’t Take Our Word for It: See for Yourself Why Forrester Named SearchLight a Leader….For Free!

February 27, 2019

Every day cyber security professionals are bombarded with marketing messages from 3,000+ security vendors. It’s a cacophony of catchy tag …

read more