All Posts

Dark Web Monitoring: The Good, The Bad, and The Ugly

September 11, 2019

Cybercriminal Forum Developments: Escrow Services

October 15, 2019

Financial transactions made on cybercriminal forums tend to look remarkably similar to transactions made on legitimate platforms. You have a …


ShadowTalk Update – Iran-linked APT35, Skimming by Magecart 4, Rancour, and Emotet Resurgence

October 11, 2019

We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top …


ANU Breach Report: Mapping to Mitre ATT&CK Framework

October 11, 2019

Introduction This week, the Australian National University (ANU) published a report on an intrusion into their networks that occurred in …


Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction

October 9, 2019

In 1984, science fiction writer William Gibson became the father of the Cyberpunk fiction genre with his novel, Neuromancer. Neuromancer …


ShadowTalk Update – Magecart Five Widens Attack Vectors, Suspected Chinese Threat Actor Targets Airbus Suppliers, and Tortoiseshell Developments

October 4, 2019

Coming to you from London this week, Jamie Collier, Philip Doherty, and Josh Poole join Viktoria Austin for our weekly …


Top Threat Intelligence Podcasts to Add to Your Playlist

October 3, 2019

Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research …


Domain Squatting: The Phisher-man’s Friend

October 1, 2019

In the past we have talked about the internal assessments that we perform here at Digital Shadows. As part of …


ShadowTalk Update – Tortoiseshell Targets IT Providers, the Tyurin Indictment, and Emotet’s Return

September 27, 2019

Viktoria hosts this week’s episode in London with Philip Doherty and Adam Cook. After a quick debate around the top …


Singapore Cyber Threat Landscape report (H1 2019)

September 26, 2019

Despite being the second smallest country in Asia, Singapore is a global financial and economic hub. On top of this, …


Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework

September 25, 2019

Between 2012 and mid-2015, U.S. financial institutions, financial services corporations and financial news publishers fell victim to one of the …


SecDevOps: Continued Database Exposures Point to Growing Challenges

September 24, 2019

Last week, we learned that millions of Ecuadorians’ personal details had been exposed by a misconfigured ElasticSearch database. This is …


ShadowTalk Update – Universities still attracting espionage from Iran, SimJacker exploit, NCSC Threat Trends, and Ransomware Updates

September 20, 2019

It’s Harrison and Alex this week for your threat intelligence updates. The guys first dig into the NCSC’s recent threat …


Nemty Ransomware: Slow and Steady Wins the Race?

September 19, 2019

As we outlined recently, ransomware is a key theme of the NCSC Cyber Trends Report: it’s a pervasive threat that …


NCSC Cyber Threat Trends Report: Analysis of Attacks Across UK Industries

September 18, 2019

The United Kingdom’s National Cyber Security Centre (NCSC) recently released their Incident trends report (October 2018 – April 2019) which …


Your Data at Risk: FBI Cyber Division Shares Top Emerging Cyber Threats to Your Enterprise

September 17, 2019

Data breaches are not slowing down. Nobody expects to be a victim, but the data shows the exponential growth in …


ShadowTalk Update – Metasploit Project Publishes Exploit For Bluekeep, plus APT3 and Silence Cybercrime Group Updates

September 13, 2019

Viktoria Austin is joined by Adam Cook and Phil Doherty this week in the London office to talk about the …


Mapping the NIST Cybersecurity Framework to SearchLight: Eating our own BBQ

September 10, 2019

Back in February, I wrote about how we avoid the term “eat your own dog food” here at Digital Shadows, …


ShadowTalk Update – Ryuk Ransomware, Twitter rids SMS tweets, and Facebook Records Exposed

September 9, 2019

Alex, Alec, and Harrison are in the room today discussing 3 top stories from the week. First up – a …


Envoy on a Mission to Bring Stability to the Criminal Underground

September 4, 2019

Recent Turbulence in the Underground From the sudden disappearance and ongoing instability issues of KickAss and Torum, to the high …


ShadowTalk Update – More Sodinokibi Activity, Imperva Breach, and Weirdest Food at the Texas State Fair

September 2, 2019

CISO Rick Holland and Alex Guirakhoo join Harrison Van Riper this week to talk through more Sodinokibi activity. Just yesterday, …


Emotet Returns: How To Track Its Updates

August 26, 2019

What is Emotet? Emotet started life as a banking trojan in 2014; targeting financial information on victim computers. However, over …


ShadowTalk Update – Texas Ransomware Outbreaks and Phishing Attacks Using Custom 404 pages

August 23, 2019

Charles Ragland (a brand new ShadowTalk-er!) and Christian Rencken join Harrison this week to discuss an outbreak of ransomware attacks …


Breach! An Analysis of the Modern Digital Breach, with Cyber Defense Lab’s CEO, Bob Anderson

August 22, 2019

Just prior to Black Hat & DEFCON, my colleague Rick Holland and I were fortunate to share some time in …


The Nouns of Black Hat: People, Places, and Things From Summer Camp 2019

August 19, 2019

Black Hat and DEFCON are a wrap! Digital Shadows was there in a big way this year and it was …


Black Hat and DEFCON 2019 – Some of our Favorite Sessions

August 19, 2019

The team were fortunate to go to Black Hat and DEFCON this year, and we wanted to share back some …


ShadowTalk Update – Nightmare Market in Disarray and SEC Investigation into Data Leak at First American Financial Corp

August 16, 2019

Harrison is back! Alex and Christian join this week to discuss how Black Hat and DEFCON went last week, analyze …


Fresh blow for dark web markets: Nightmare market in disarray

August 13, 2019

Over the past three weeks, Digital Shadows has observed another popular dark web criminal market – Nightmare – experience several …


Recon Village: Panning for gold

August 1, 2019

Richard will be presenting ‘Asset Discovery: Making Sense of the Ocean of OSINT’ at 13.50 on 9th August 2019 in …


Capital One Breach: What we know and what you can do

July 31, 2019

Monday blues. It’s a thing. It’s when you start the week feeling moody because your weekend is over. The feeling …


The Account Takeover Kill Chain: A Five Step Analysis

July 30, 2019

It’s no secret that credential exposure is a growing problem. Take a look at Troy Hunt’s https://www.haveibeenpwned.com – a tool …


ShadowTalk Update – More BlueKeep updates, FSB contractor hacked, and the Enigma Market

July 29, 2019

Christian and Travis sit down with Harrison to discuss even more BlueKeep updates since last week, as a technical presentation gets uploaded to …


Surviving and Thriving at Blackhat and DEF CON Summer Camp 2019

July 24, 2019

With BSides, Black Hat and DEF CON (aka Security Summer Camp) fast approaching, I thought I’d do a quick blog …


SearchLight’s Biggest Ever Update: New Ways to Discover, Contextualize, and Prioritize Digital Risks

July 23, 2019

Since founding the company in 2011, we’ve had some memorable milestones: from the first release of SearchLight in 2014, to …


A Growing Enigma: New AVC on the Block

July 19, 2019

This week, in a groundbreaking announcement, the Bank of England named Alan Turing the new face of the £50 …


ShadowTalk Update – Marriott Faces GDPR Fines, TA505 Global Attacks, Zoom 0-Day, and New Magecart Activity

July 12, 2019

Kacey and Alex join Harrison to walk through this week’s threat intelligence stories. Alex walks us through the highlight story this …


Harnessing Exposed Data to Enhance Cyber Intelligence

July 11, 2019

Register for our upcoming webinar “Harnessing Exposed Data to Enhance Cyber Intelligence” with Harrison Van Riper and Michael Marriott to …


Welcoming NAB Ventures & Scaling SearchLight for Growth

July 9, 2019

Today is an exciting day for Digital Shadows. Earlier this morning, we announced a $10m focused investment to scale our …


Extortion, Sale, Reconnaissance, & Impersonation: 4 Ways Your Digital Footprint Enables Attackers

July 2, 2019

Whether it’s intellectual property, proprietary code, personal data, or financial information, the goal of information security is to protect those …


ShadowTalk Update – Operation Soft Cell, Libra Cryptocurrency Impersonations, and New Cyber Espionage Activity

June 28, 2019

This week Alex and Phil join Harrison to discuss Operation Soft Cell, a campaign that has been actively compromising telecommunications …


Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor

June 27, 2019

The announcements of Facebook’s new cryptocurrency “Libra” and its associated digital wallet “Calibra” have conjured up discussion, debate, criticism, and …


ShadowTalk Update – Google Calendar Phishing, Exim Email Server Vulnerability, and Diversity in Cybersecurity

June 24, 2019

This week Alex and Jamie chat with Harrison on a cyber-threat campaign involving the abuse of legitimate features in Google …


Leaky SMB File Shares – So Many Bytes!

June 19, 2019

Everyone loves a sequel. If you’re an avid Marvel fan, you’re probably sitting on the edge of your seat waiting …


Managing Digital Risk: 4 Steps to Take

June 18, 2019

Organizations are finding it increasingly difficult to know where their data is stored and shared in today’s technology-forward, connected world. …


ShadowTalk Update – XMRig Cryptocurrency Mining, FIN8 Backdoor, and Attacks Against Office 365

June 17, 2019

This week Harrison is joined by Travis and Alec to discuss the security stories of the week including a fileless malware …


Managing Infosec Burnout: The Hidden Perpetrator

June 10, 2019

The secret of the burnout epidemic lies in how we feel about our stress, not the things that stress us …


ShadowTalk Update – “HiddenWasp” and “BlackSquid” malware, TA505 and Turla activity, and Too Much Information: The Sequel

June 7, 2019

Alex and Christian join HVR this week to discuss the Linux malware “HiddenWasp” (along with HVR’s hatred of the insect), …


2.3 billion files exposed across online file storage technologies

May 30, 2019

2.3 billion is a massive number. It’s hard even to wrap your head around; what do I have 2.3 billion …


BlueKeep: Cutting through the hype to prepare your organization

May 24, 2019

Over the last week we have all been tuning into our news feeds and listening to the security folks chatting …


Automating 2FA phishing and post-phishing looting with Muraena and Necrobrowser

May 21, 2019

Phishing remains one of the most pervasive threats to enterprise, the simple but effective technique of tricking unassuming users into …


Partnering with SecureLink to help organizations minimize their digital risk

May 15, 2019

Today we announced that SecureLink, one of Europe’s most respected independent cybersecurity and managed service providers, has partnered with Digital …
