All Posts

Show
Digital Risk Protection: Avoid Blind Spots with a More Complete Risk Picture
July 17, 2018 read more

Five Threats to Financial Services: Part Five, Hacktivism

August 15, 2018

OK, so it’s not a sexy as insider threats, banking trojans, phishing campaigns or payment card fraud, but hacktivism is …

read more

Five Threats to Financial Services: Part Four, Payment Card Fraud

August 14, 2018

Payment card information is the lifeblood of the cybercriminal ecosystem. In previous blogs in this series, we’ve focused on how …

read more

ShadowTalk Update – 08.13.2018

August 13, 2018

In this week’s ShadowTalk it’s all things phishing. Rose Bernard and Simon Hall join Rafael Amado to discuss the recent …

read more

Digital Shadows Contributes to Insider Threat Research

August 9, 2018

On July 30, Forrester published its latest research report on malicious insiders, Defend Your Data As Insiders Monetize Their Access. …

read more

Five Threats to Financial Services: Phishing Campaigns

August 8, 2018

In our last blog, we highlighted how banking trojans are a threat to banking customers and small businesses, normally delivered …

read more

ShadowTalk Update – 08.06.2018

August 6, 2018

In this week’s episode, JP Perez-Etchegoyen, CTO of Onapsis, joins Michael Marriott to talk about the exposure of SAP and …

read more

FIN7: Arrests and Developments

August 2, 2018

Three alleged members of FIN7 arrested On August 1st, 2018, the US Department of Justice filed criminal charges against three …

read more

Diversity of Thoughts in the Workplace: Are You Thinking What I’m Thinking?

August 1, 2018

In my most recent blog post I discussed Digital Shadows’ Women’s Network and how it is helping us shape wider …

read more

Security Spotlight Series: Dr. Richard Gold

July 31, 2018

Organizations rely on Digital Shadows to be an extension of their security team. Our global team provide the latest tooling, …

read more

ShadowTalk Update – 07.30.2018

July 30, 2018

Richard Gold and Rose Bernard join Michael Marriott to talked about updates to the Satori botnet, which has expanded to …

read more

Black Hat USA 2018

July 26, 2018

Black Hat USA 2018 is quickly approaching! The conference, one of the world’s leading Information Security events, focuses on the …

read more

Cyber Threats to ERP Applications: Threat Landscape

July 24, 2018

What are ERP Applications? Organizations rely on Enterprise Resource Planning (ERP) applications to support business processes. This includes payroll, treasury, …

read more

ShadowTalk Update – 07.23.2018

July 23, 2018

In this week’s ShadowTalk, we discuss the Robert Mueller indictment against 12 Russian individuals for alleged US election interference. However, …

read more

Five Threats to Financial Services: Banking Trojans

July 19, 2018

A couple of weeks ago, we learned about a new phishing campaign that delivered Trickbot in an attempt to harvest …

read more

Mitre ATT&CK™ and the Mueller GRU Indictment: Lessons for Organizations

July 17, 2018

A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve …

read more

ShadowTalk Update – 07.16.2018

July 16, 2018

In this week’s ShadowTalk, Digital Shadows’ Russian-speaking security specialist discovered files and source code allegedly related to the Carbanak organized …

read more

Alleged Carbanak Files and Source Code Leaked: Digital Shadows’ Initial Findings

July 11, 2018

Digital Shadows’ Russian-speaking security team discovered a post from 6 July 2018 on exploit[.]in that provided files and source code …

read more

Security Analyst Spotlight Series: Harrison Van Riper

July 10, 2018

Organizations rely on our cyber intelligence analysts to be an extension of their security team. Our global team of analysts provide relevant …

read more

ShadowTalk Update – 07.09.2018

July 9, 2018

In this week’s ShadowTalk, Richard Gold and Simon Hall join Rafael Amado to discuss SSL (Secure Sockets Layer) interception, a …

read more

Reducing Your Attack Surface: From a Firehose to a Straw

July 5, 2018

What is Attack Surface Reduction? Attack Surface Reduction is a powerful tool used to protect and harden environments. It’s a …

read more

ShadowTalk Update – 07.02.2018

July 2, 2018

In this week’s ShadowTalk, following news that a database containing 340 million records has been publicly exposed to the internet, …

read more

Diversity and Digital Shadows Women’s Network

June 26, 2018

If you haven’t already watched RBG – a movie about the incredible life of U.S. Supreme Court Justice Ruth Bader …

read more

ShadowTalk Update – 06.25.2018

June 25, 2018

In this week’s ShadowTalk, Simon Hall and Richard Gold join Michael Marriott to discuss the merits and perils of attribution, …

read more

How Cybercriminals are Using Messaging Platforms

June 21, 2018

Alternative Ways Criminals Transact Online: A Moving Target Last week, the cracking forum (specialized in tools for gaining unauthorized access …

read more

Five Threats to Financial Services: Part One, Insiders

June 19, 2018

The sensitive and financial data held by banks and financial institutions, as well as their centrality to national infrastructure, makes …

read more

ShadowTalk Update – 06.18.2018

June 18, 2018

In ShadowTalk this week, Dr Richard Gold and Simon Hall join Rafael Amado to discuss misconceptions around vulnerabilities and exploits, …

read more

Security Analyst Spotlight Series: Rafael Amado

June 14, 2018

Organizations rely on Digital Shadows to be an extension of their security team. Our global team of analysts provide relevant …

read more

How Cybercriminals are using Blockchain DNS: From the Market to the Bazar

June 12, 2018

Since the takedowns of AlphaBay and Hansa in 2017, the cybercriminal community has been incorporating alternative technologies to improve both …

read more

Shadow Talk Update – 06.11.2018

June 11, 2018

In Shadow Talk this week, Dr Richard Gold joins us to discuss the issue of security debt, a term used …

read more

Threats to the 2018 Football World Cup: Traditional Rules or a New Style of Play?

June 7, 2018

The tension and excitement that precedes all global sporting events is beginning to build towards the start of this year’s …

read more

Market.ms: Heir to the AlphaBay and Hansa throne?

June 4, 2018

It’s almost one year since the AlphaBay and Hansa dark web marketplace takedowns, also known as Operation Bayonet. Looking back, …

read more

Shadow Talk Update – 06.04.2018

June 4, 2018

In this week’s Shadow Talk, Dr Richard Gold joins us to discuss the return of the L0pht hackers. In 1998 …

read more

7 Ways The Digital Risk Revolution Changes Risk and Compliance – Webinar Key Insights

May 30, 2018

Lockpath’s Vice President of Development Tony Rock and I recently conducted a webinar titled “7 Ways the Digital Risk Revolution …

read more

Shadow Talk Update – 05.29.2018

May 29, 2018

The focus in this week’s Shadow Talk is on “VPNFilter”, a modular malware with disruptive functionalities has targeted more than …

read more

Security Analyst Spotlight Series: Rose Bernard

May 23, 2018

Organizations rely on our cyber intelligence analysts to be an extension of their security team. Our global team of analysts …

read more

A New Approach for Channel Security Consultants

May 22, 2018

Old school security practices simply don’t fit the new IT environment.  Cloud computing, applications and distributed workforces have changed the …

read more

Shadow Talk Update – 05.21.2018

May 21, 2018

In this week’s episode of Shadow Talk, Digital Shadows’ Head of Security Engineering, Dr Richard Gold, joins the pod to …

read more

Patch Priorities: 10 Vulnerabilities You Should Pay Attention To

May 17, 2018

Not all vulnerabilities are created equal, and those that have been exploited by threat actors carry more weight. Last month, …

read more

Digital Shadows 7th Anniversary – A Look Back

May 16, 2018

Today marks the 7th anniversary of Digital Shadows. As James and I looked back on the year, we were amazed …

read more

Shadow Talk Update – 05.14.2018

May 14, 2018

In this week’s episode Shadow Talk we look at the Winnti Umbrella group, asking what this means for organizations. We …

read more

Offsetting Dunbar by Developing Diversity

May 8, 2018

Some of you may be familiar with the Dunbar Number, 150, being the maximum amount of relationships one individual can …

read more

Shadow Talk Update – 05.07.2018

May 7, 2018

In this week’s episode Shadow Talk, it’s a vulnerability extravaganza. We cover malicious use of legitimate software, as APT28 is …

read more

The Other Side of the Counter: DDoS, Social Engineering, Spambots and Insider Risks to Criminal Locations

May 2, 2018

An enduring characteristic of dark web marketplaces is how frequently they’re offline, often through denial of services attacks. While marketplace …

read more

Shadow Talk Update – 04.30.2018

April 30, 2018

In this week’s episode of Shadow Talk, we cover the targeting of healthcare organizations by Orangeworm, BGP hijacking, vulnerabilities in …

read more

Digital Shadows Opens New State of the Art London Office in Canary Wharf

April 26, 2018

When myself and James Chappell set the company up six years ago at a kitchen table in Camden, London, we …

read more

Keys to the Kingdom: Exposed Security Assessments

April 24, 2018

Organizations employ external consultants and suppliers to perform assessments and penetration tests that help to bolster their overall internal security. …

read more

Shadow Talk Update – 04.23.2018

April 23, 2018

This week’s Shadow Talk discusses Russia’s attempts to ban the social messaging app, and also read between the lines of the joint US …

read more

Out In The Open: Corporate Secrets Exposed Through Misconfigured Services

April 18, 2018

For organizations dealing with proprietary information or assets, one of the greatest concerns is the threat of competitors getting hold …

read more

When There’s No Need to Hack: Exposed Personal Information

April 17, 2018

With Equifax‘s breach of 145 million records still fresh in everyone’s memory and the recent Facebook data privacy controversy, protecting personal …

read more

Shadow Talk Update – 04.16.2018

April 16, 2018

This week’s Shadow Talk discusses a Cisco Smart Install Client flaw exploited in disruption attack, an information leak vulnerability discovered …

read more