Blog & Resources 2016

The latest advice, opinion and research from our dedicated intelligence analyst team.

Mirai: A Turning Point For Hacktivism?

December 16, 2016 | 5 Min Read

A “digital nuclear attack”. A “zombie apocalypse”. “The end of history. “ Much has been made of Mirai, the recently discovered malware that incorporates Internet of Things (IoT)...

Access Our Threat Intel In Test Drive

Test Drive SearchLight Free for 7 Days
Try It Now

Connect with us

Mirai: A Turning Point For Hacktivism?

Mirai: A Turning Point For Hacktivism?

December 16, 2016 | 5 Min Read

A “digital nuclear attack”. A “zombie apocalypse”. “The end of history. “ Much has been made of Mirai, the recently...
Coming to a Country Near You? The Rapid Development of The TrickBot Trojan

Coming to a Country Near You? The Rapid Development of The TrickBot Trojan

December 16, 2016 | 4 Min Read

Since the discovery of TrickBot in September 2016, its operators have continued to develop the malware to include the targeting...
Crowdsourced DDoS Extortion – A Worrying Development?

Crowdsourced DDoS Extortion – A Worrying Development?

December 13, 2016 | 3 Min Read

We all know about DDoS extortion – the process is straightforward. Contact the company, threaten to launch a crippling DDoS...
You Should Consider Forecasts, Not Predictions

You Should Consider Forecasts, Not Predictions

December 9, 2016 | 4 Min Read

Well it’s that time of year again. Sorry, not the Lexus December to Remember Sales Event (don’t you just love those commercials),...
The Top Three Most Popular Blogs of 2016

The Top Three Most Popular Blogs of 2016

December 8, 2016 | 2 Min Read

It’s been a great year for the Digital Shadows blog, we started it off winning the “Best New Security Blog...
A Model of Success: Anticipating Your Attackers’ Moves

A Model of Success: Anticipating Your Attackers’ Moves

December 1, 2016 | 4 Min Read

In a previous blog, we discussed the role of planning in offensive operations and the power that effective planning affords...
Windows Shopping: 7 Threats To Look Out For This Holiday Season

Windows Shopping: 7 Threats To Look Out For This Holiday Season

November 23, 2016 | 5 Min Read

Thanksgiving, Black Friday, Cyber Monday, Christmas. There’s a lot of shopping to be done between now and the end of...
Ransomware-as-a-service: The Business Case

Ransomware-as-a-service: The Business Case

November 22, 2016 | 4 Min Read

It can be tempting to dismiss cybercriminal activity as merely the workings of opportunistic actors looking to make a fast...
Leak on Aisle 12! An Analysis of Competing Hypotheses for the Tesco Bank Incident

Leak on Aisle 12! An Analysis of Competing Hypotheses for the Tesco Bank Incident

November 11, 2016 | 5 Min Read

On November 6, 2016 multiple UK media outlets reported that the UK-based Tesco Bank had informed approximately 40,000 customers that...
Top 5 Threats to the Media and Broadcasting Industry

Top 5 Threats to the Media and Broadcasting Industry

November 11, 2016 | 3 Min Read

For media and broadcasting organizations, the threat of having their websites forced offline is a significant one. We looked beyond DDoS...
Surveying the Criminal Market

Surveying the Criminal Market

November 8, 2016 | 3 Min Read

It’s no secret your personal information and data is valuable to cybercriminals, but is there more of a market for...
Overexposed and Under-Prepared; The Risks of Oversharing Online

Overexposed and Under-Prepared; The Risks of Oversharing Online

November 8, 2016 | 4 Min Read

I have a confession to make. I know where you live. I also know who you’re married to and the...
Five Tips For Better Email Security

Five Tips For Better Email Security

November 8, 2016 | 4 Min Read

While security is everyone’s responsibility, it’s not always easy to get right. Our “Security Best Practices” blog series will provide...
Resilience: Adapt or Fail

Resilience: Adapt or Fail

October 28, 2016 | 5 Min Read

“But it ain’t how hard you hit; it’s about how hard you can get hit, and keep moving forward.”- Words...
Anonymous Poland – Not Your Typical Hacktivist Group

Anonymous Poland – Not Your Typical Hacktivist Group

October 28, 2016 | 4 Min Read

On October 29, 2016 a Twitter account associated with Anonymous Poland began to post tweets claiming to have compromised the...
Don’t Break the Internet, Fix Your Smart Devices

Don’t Break the Internet, Fix Your Smart Devices

October 25, 2016 | 4 Min Read

The Distributed Denial of Service (DDoS) attack, which targeted DynDNS servers, and literally ‘broke the internet’ for several hours on...
Rocking the Vote? The Effects of Cyber Activity On The U.S. Election

Rocking the Vote? The Effects of Cyber Activity On The U.S. Election

October 25, 2016 | 5 Min Read

Contrary to some media reporting, our latest research finds that cyber activity during the 2016 U.S. presidential election does not...
Targeting of Elections; Old News, Fresh Tactics

Targeting of Elections; Old News, Fresh Tactics

October 25, 2016 | 4 Min Read

There has been no shortage of media coverage surrounding U.S. election and the associated nefarious cyber activity. Amid all this...
Squashing Domain Squatting

Squashing Domain Squatting

October 24, 2016 | 6 Min Read

Digital Shadows was recently the victim of a domain squat attempt. As we eat our own dog food, we thankfully...
Combatting Online Crime With “Needle-Rich Haystacks”

Combatting Online Crime With “Needle-Rich Haystacks”

October 18, 2016 | 3 Min Read

At Digital Shadows our analyst team is responsible for providing both tactical situational awareness and broader, strategic awareness to our...
4 Tricks to Make a Cybersecurity Training a Treat

4 Tricks to Make a Cybersecurity Training a Treat

October 12, 2016 | 3 Min Read

A Halloween nightmare: Thunderstorms rage outside. Calendar alerts shriek in unison throughout the room as suspicion and anxiety rises. Lightning...
Digital Risk Monitoring Is A Service, Not a Distinct Capability

Digital Risk Monitoring Is A Service, Not a Distinct Capability

October 11, 2016 | 2 Min Read

Digital Shadows was recently recognized as a leader in the Forrester Wave on Digital Risk Monitoring. Digital risk monitoring is...
Balancing the Scales: The PRC’s Shift to Symmetrical Engagement

Balancing the Scales: The PRC’s Shift to Symmetrical Engagement

October 6, 2016 | 4 Min Read

Over the past few years we have observed the beginnings of a fundamental change in how People’s Republic of China...
Do Not Invite Them In: What “Human Error” Can Mean In Practice

Do Not Invite Them In: What “Human Error” Can Mean In Practice

October 6, 2016 | 4 Min Read

Although you may or may not be a fan of vampire movies, you certainly know that vampires should not be...
Plumbing the Depths: the Telnet protocol

Plumbing the Depths: the Telnet protocol

October 3, 2016 | 4 Min Read

On October 1, 2016 Krebs on Security reported that the source code for the Internet of Things (IoT) botnet malware...
Swotting Up On Exploit Kit Infection Vectors

Swotting Up On Exploit Kit Infection Vectors

October 3, 2016 | 3 Min Read

Exploit kit users need to drive web traffic to their landing pages. Without traffic, they can’t exploit vulnerable web users...
Phishful Of Dollars: BEC Remains Top Of The Charts

Phishful Of Dollars: BEC Remains Top Of The Charts

October 3, 2016 | 3 Min Read

Business email compromise (BEC) is not going away. Since we initially wrote about BEC back in April 2016, we have...
Five Tips To Make Your Passwords Better

Five Tips To Make Your Passwords Better

September 26, 2016 | 4 Min Read

While security is everyone’s responsibility, it’s not always easy to get right. Our “Security Best Practices” blog series will provide...
Digital Risk Monitoring Can Negate ‘Indicators of Exhaustion’

Digital Risk Monitoring Can Negate ‘Indicators of Exhaustion’

September 26, 2016 | 2 Min Read

When I first joined Digital Shadows in January, I wrote about the current state of threat intelligence and how “Indicators...
The Industrialized Uses of Breached Data

The Industrialized Uses of Breached Data

September 21, 2016 | 4 Min Read

In our first blog, we outlined a number of specific factors that can be used to determine a dataset’s desirability,...
Beauty and the Breach: Leaked Credentials in Context

Beauty and the Breach: Leaked Credentials in Context

September 21, 2016 | 4 Min Read

Our analysts recently researched credential compromise, finding more than 5 million leaked credentials online for the world’s biggest 1,000 organizations. Of...
New report: 97 percent of the top 1,000 companies suffer from credential compromise

New report: 97 percent of the top 1,000 companies suffer from credential compromise

September 20, 2016 | 2 Min Read

Data breaches and credential compromise are not new. After all, 2014 was known as the “year of the data breach”....
Three easy tips to staying safe online

Three easy tips to staying safe online

September 19, 2016 | 4 Min Read

While security is everyone’s responsibility, it’s not always easy to get right. Our “Security Best Practices” blog series will provide...
Forecasting the exploit kit landscape

Forecasting the exploit kit landscape

September 15, 2016 | 5 Min Read

We’ve previously written on the most popular vulnerabilities that exploit kits are using. But how might the exploit kit market...
Understanding Exploit Kits’ Most Popular Vulnerabilities

Understanding Exploit Kits’ Most Popular Vulnerabilities

September 12, 2016 | 2 Min Read

One significant aspect of mitigating the risk posed by exploit kits is keeping software up-to-date. However, for some organizations, knowing...
Hacktivism, it’s not all DoSing around

Hacktivism, it’s not all DoSing around

September 12, 2016 | 4 Min Read

Hacktivism isn’t all high levels of low impact activity. There were a number of hacktivist campaigns we detected in the...
Show me the context: The hacking proof of concept

Show me the context: The hacking proof of concept

September 8, 2016 | 2 Min Read

A common feature at security conferences, especially those that demonstrate hacks, is the proof of concept. This typically involves a security...
The cyber defender and attacker imbalance – a disproportionate impact

The cyber defender and attacker imbalance – a disproportionate impact

September 6, 2016 | 3 Min Read

You might be forgiven for thinking that high-impact cyber-attacks are always the work of well-funded nation states, organized criminal groups...
Hybrid cyber/physical criminal operations – where network intrusions meet the physical world

Hybrid cyber/physical criminal operations – where network intrusions meet the physical world

August 30, 2016 | 3 Min Read

At some stage, almost every crime committed online has a physical element, often when the money obtained is used to...
Bozkurt to Buhtrap: Cyber threats affecting financial institutions in 1H 2016

Bozkurt to Buhtrap: Cyber threats affecting financial institutions in 1H 2016

August 23, 2016 | 3 Min Read

At the beginning of 2016, it was reported that two suspected members of the DD4BC, a DDoS extortion group, were...
Four Things We’ve Learned From the Alleged Equation Group Code Leak

Four Things We’ve Learned From the Alleged Equation Group Code Leak

August 22, 2016 | 4 Min Read

The wake of the deeply bizarre auction of toolkits alleged to be from the Equation Group by the self-proclaimed “Shadow...
Security Culture: You’re only as strong as your team

Security Culture: You’re only as strong as your team

August 18, 2016 | 4 Min Read

When you’re hurt you feel pain, you see a cut or bruise, and you know that something has happened to...
False flags in cyber intrusions – why bother?

False flags in cyber intrusions – why bother?

August 17, 2016 | 3 Min Read

False flag operations have long existed in the physical world, a tactic used to make an operation appear to have...
Forecasting OpOlympicHacking

Forecasting OpOlympicHacking

August 15, 2016 | 3 Min Read

We recently published a report on the eight cybersecurity considerations around Rio 2016. But what have we observed so far,...
“Air cover” – cybercriminal marketing and the media

“Air cover” – cybercriminal marketing and the media

August 10, 2016 | 3 Min Read

For a new or relatively unknown cybercriminal actor looking to sell compromised data, attracting buyers can be a difficult task....
Overexposure – photos as the missing link

Overexposure – photos as the missing link

August 3, 2016 | 3 Min Read

You have heard it all before ­– recycling passwords for multiple services can be catastrophic. One service being breached and...
More Data Leaks as part of OpOlympicHacking

More Data Leaks as part of OpOlympicHacking

July 28, 2016 | 2 Min Read

In our recent research, we demonstrated eight cybersecurity considerations around Rio 2016. The paper lays out hacktivism and cybercrime threats...
Gambling with Security in Vegas: Not Your Best Bet

Gambling with Security in Vegas: Not Your Best Bet

July 27, 2016 | 4 Min Read

With BSides Las Vegas, Black Hat, and DEF CON around the corner, security is likely at the forefront of many...
Getting In Gear: Accounting for Tactical and Strategic Intelligence

Getting In Gear: Accounting for Tactical and Strategic Intelligence

July 26, 2016 | 3 Min Read

We’ve written before about how we like to map our services to the intelligence cycle. Of course, the intelligence cycle...
Thedarkoverlord – losing his patients?

Thedarkoverlord – losing his patients?

July 26, 2016 | 4 Min Read

In late June 2016, we observed a spate of attacks allegedly conducted by a vendor named “thedarkoverlord” on the dark...
5 Takeaways From The “Building A Strategic Threat Intelligence Program” Webinar

5 Takeaways From The “Building A Strategic Threat Intelligence Program” Webinar

July 26, 2016 | 3 Min Read

Last week, the great Mike Rothman (of Securosis fame) and I did a webinar titled: “Building a Strategic Threat Intelligence...
Tracking the Field: Eight cybersecurity considerations around Rio 2016

Tracking the Field: Eight cybersecurity considerations around Rio 2016

July 25, 2016 | 2 Min Read

Last week, we saw reports of individuals arrested on charges of terrorism ahead of the upcoming games in Rio. This...
PoodleCorp: in the business of kudos

PoodleCorp: in the business of kudos

July 22, 2016 | 5 Min Read

PoodleCorp claimed to have successfully rendered the servers of the Android and iOS game Pokemon Go offline using several distributed...
Towards a(nother) new model of attribution

Towards a(nother) new model of attribution

July 21, 2016 | 4 Min Read

Actor attribution is a common issue and activity within the world of cybersecurity. At its core, the actor attribution process...
5 Key Lessons From The FDIC’s Breach Disclosure Debacle

5 Key Lessons From The FDIC’s Breach Disclosure Debacle

July 18, 2016 | 4 Min Read

Last week, the United States House Science, Space and Technology Committee released the scathing results of the committee’s investigations into...
Open Source Intelligence versus Web Search: What’s The Difference?

Open Source Intelligence versus Web Search: What’s The Difference?

July 11, 2016 | 4 Min Read

“I can get that from Google!” – is a common phrase that has been directed at me during my time...
Three Tactics Behind Cyber Extortion

Three Tactics Behind Cyber Extortion

July 11, 2016 | 3 Min Read

As explained in a previous blog, extortion is not new – it’s now just been applied to the digital world...
Modern crimeware campaigns – two bytes of the cherry

Modern crimeware campaigns – two bytes of the cherry

July 5, 2016 | 3 Min Read

To a Columbian drug lord, the most valuable commodity is probably cocaine. To many financially motivated cybercriminals, the most valuable...
10 ways to prepare for credential leak incidents

10 ways to prepare for credential leak incidents

June 30, 2016 | 2 Min Read

From LinkedIn to MySpace, threat actors like Peace of Mind and Tessa88 have been selling credentials in various criminal dark...
Recycling, bad for your environment!

Recycling, bad for your environment!

June 27, 2016 | 4 Min Read

The news is constantly flooded with yet another breach of a high profile vendor. Perhaps the biggest and most publicized...
The philosophical difference between the Old and New Schools of the cybercriminal underground

The philosophical difference between the Old and New Schools of the cybercriminal underground

June 27, 2016 | 3 Min Read

I would recommend that anyone interested in the serious study of criminal activity on the dark web should pick up...
Spidey-sense for the people

Spidey-sense for the people

June 23, 2016 | 5 Min Read

If you liked Marvel’s SpiderMan then you will recognize the special Spidey-sense skill that Peter Parker possessed. The skill refers...
Forecasting the implications for cybersecurity in Britain after Thursday’s referendum

Forecasting the implications for cybersecurity in Britain after Thursday’s referendum

June 21, 2016 | 4 Min Read

On Thursday, the United Kingdom goes to the polls to vote on one of the most important and contentious referendums...
Shining a light on the dark web

Shining a light on the dark web

June 21, 2016 | 3 Min Read

The dark web receives more than its fair share of media coverage pertaining to cyber crime. But, amid all of...
Standoff in cyberspace

Standoff in cyberspace

June 17, 2016 | 3 Min Read

In physical security terminology, standoff is the term used to refer to the physical distance between a defender and a...
OPSEC versus branding – the cyber criminal’s dilemma

OPSEC versus branding – the cyber criminal’s dilemma

June 17, 2016 | 3 Min Read

Like any business, cybercriminals offering criminal services need to develop and maintain a brand and reputation in order to attract...
“Hidden” TeamViewer service advertised on criminal forum

“Hidden” TeamViewer service advertised on criminal forum

June 17, 2016 | 5 Min Read

Over the last few weeks, there have been a number of reports of attacks using the remote desktop control software...
Your money or your data: Keeping up-to-date with the innovation

Your money or your data: Keeping up-to-date with the innovation

June 17, 2016 | 2 Min Read

DDoS extortion and ransomware attacks have featured heavily in the headlines recently. But the practice of obtaining money through threats...
Inconsistencies in Intelligence Collection

Inconsistencies in Intelligence Collection

June 17, 2016 | 4 Min Read

Amid the rising talk of “intelligence” within the security industry, the concept of intelligence collection has gained traction. However, I’ve...
Are you at risk from business email compromise?

Are you at risk from business email compromise?

June 6, 2016 | 3 Min Read

Business email compromises (BEC) are on the rise. When I was at Forrester Research, I typically didn’t go more than...
Hacktivism: same old, same old?

Hacktivism: same old, same old?

June 3, 2016 | 4 Min Read

Cyber activists, or hacktivists, have become a firmly fixed element of the threat landscape since groups like Anonymous, Lulzsec, and...
Building an Intelligence Capability: Agility, Creativity and Diversity

Building an Intelligence Capability: Agility, Creativity and Diversity

June 2, 2016 | 2 Min Read

The Internet is a big old place, full of disparate – and often contradictory – data in various languages, formats and...
The OPSEC Opportunity

The OPSEC Opportunity

May 31, 2016 | 2 Min Read

Operations Security (OPSEC) has long been a key tactic used by commercial and military organizations to protect their privacy and...
Are you certain you know what risk means?

Are you certain you know what risk means?

May 31, 2016 | 5 Min Read

You’re the person in charge of safety on the Titanic. The designers have told you that this state-of-the-art ship is...
Data breaches targeting financial services: 2016 so far

Data breaches targeting financial services: 2016 so far

May 26, 2016 | 3 Min Read

It’s been a busy year for data breaches relating to financial services organizations – we’ve identified claims of breaches for 10...
The Plan is Mightier than the Sword – Re(sources)

The Plan is Mightier than the Sword – Re(sources)

May 24, 2016 | 3 Min Read

After having discussed the importance of planning and persistence in APTs, it is important to conclude by considering the significance...
The Plan is Mightier than the Sword – Persistence

The Plan is Mightier than the Sword – Persistence

May 24, 2016 | 5 Min Read

In the last blog post, I talked about the requirement for planning as part of an APT. Another requirement is...
The Plan is Mightier than the Sword – Planning

The Plan is Mightier than the Sword – Planning

May 24, 2016 | 4 Min Read

Media reports of breaches against major corporations or government agencies typically follow a familiar narrative of “sophisticated” attackers deploying a...
OpIcarus – Increased Claims Against Financial Institutions

OpIcarus – Increased Claims Against Financial Institutions

May 23, 2016 | 3 Min Read

There’s no shortage of online hacktivist operations launched by actors who are seeking to readdress injustices, perceived or actual. Indeed,...
Goliath ransomware, giant problem or giant con?

Goliath ransomware, giant problem or giant con?

May 17, 2016 | 3 Min Read

Ransomware can cause big problems for individuals and organizations, but what are the new types of malware that are being...
Bozkurt Hackers continue to leak bank data

Bozkurt Hackers continue to leak bank data

May 13, 2016 | 4 Min Read

A threat actor calling itself “Bozkurt Hackers” posted links to data on Twitter allegedly obtained from a number of banks...
Digital Shadows – The Innovation Continues

Digital Shadows – The Innovation Continues

May 13, 2016 | 2 Min Read

This week, Digital Shadows will turn five years old. Over this time, our product and engineering teams have continually worked...
Analyzing the 2016 Verizon Data Breach Investigations Report

Analyzing the 2016 Verizon Data Breach Investigations Report

May 2, 2016 | 4 Min Read

Last week Verizon released the 2016 Data Breach Investigations Report. If you haven’t read it yet, I highly recommend that...
Getting Strategic With Your Threat Intelligence Program

Getting Strategic With Your Threat Intelligence Program

April 26, 2016 | 4 Min Read

Tactical feeds have dominated the threat intelligence narrative for many years, but there is an emerging understanding that there must...
Roboanalyst: The Future of Threat Intelligence?

Roboanalyst: The Future of Threat Intelligence?

April 25, 2016 | 3 Min Read

Artificial Intelligence (AI) is currently going through one of its regular hype bubbles. Another dawn of the super-intelligent machine is...
The Hacking Team breach – an attacker’s point of view

The Hacking Team breach – an attacker’s point of view

April 22, 2016 | 3 Min Read

On 17 April 2016, two posts were added to Pastebin (one in Spanish, the other in English) detailing the alleged...
OpIsrael: An Update

OpIsrael: An Update

April 6, 2016 | 3 Min Read

Last month our intelligence team published a blog on the use of ABI in understanding OpIsrael 2016, which suggested that...
URGENT, ACT. RQD: Navigating Business Email Compromise

URGENT, ACT. RQD: Navigating Business Email Compromise

April 4, 2016 | 3 Min Read

Call me phishmail. Whaling ­– also known as CEO fraud and business email compromise (BEC) – is a type of...
Dark web: More than just a bastion of criminality

Dark web: More than just a bastion of criminality

March 31, 2016 | 3 Min Read

For many people, the term “dark web” refers to criminal activity on Internet. There are many definitions for what comprises...
It’s time to put the diligence into your M&A due diligence

It’s time to put the diligence into your M&A due diligence

March 29, 2016 | 2 Min Read

The headlines resulting from the Target/Fazio Mechanical Services and T-Mobile/Experian breaches have raised the awareness around third-party risks. Unfortunately, awareness...
Cybersecurity for the nuclear industry – ‘in service modification’ or more systemic change required?

Cybersecurity for the nuclear industry – ‘in service modification’ or more systemic change required?

March 29, 2016 | 4 Min Read

On the March 15, I was lucky enough to be invited to a round table event at Chatham House in...
Online credit card shops – a numbers game

Online credit card shops – a numbers game

March 21, 2016 | 3 Min Read

You may have recently read headlines about an online shop that was selling millions of stolen credit cards. Questions were...
Antifragile Security: Bouncing Back Stronger

Antifragile Security: Bouncing Back Stronger

March 21, 2016 | 3 Min Read

Strong, robust, stable, resilience – these are all words associated with a successful security posture. They’re comforting words that serve...
Moar Sand!

Moar Sand!

March 10, 2016 | 3 Min Read

Let’s face it, many organizations have their heads in the sand. In some cases this choice is a deliberate one;...
Uncertainties in the Language of Uncertainty – and why we need to talk about it

Uncertainties in the Language of Uncertainty – and why we need to talk about it

February 25, 2016 | 4 Min Read

If you know much about Digital Shadows SearchLight, you would know that one of our strengths in the provision of...
Intelligence vs. Infosec: The 3-letter-guy to the rescue?

Intelligence vs. Infosec: The 3-letter-guy to the rescue?

February 25, 2016 | 3 Min Read

Whenever Royal Marines deploy on operations, they take with them their own intelligence analysts. These analysts are fully trained and...
From cyber espionage to hacker marketing strategies: an overview of Digital Shadows talks at RSA Conference

From cyber espionage to hacker marketing strategies: an overview of Digital Shadows talks at RSA Conference

February 25, 2016 | 2 Min Read

It’s not long until this year’s RSA Conference, and Digital Shadows will be in full force, with some of us...
WHAT DO YOU MEAN IT WAS AN ACCIDENT?

WHAT DO YOU MEAN IT WAS AN ACCIDENT?

February 25, 2016 | 4 Min Read

We always want to find someone or something to pin the blame on when a serious data breach occurs.  But is it really that...

The ‘hacker’ talent shortage: What organizations can learn from the recruitment efforts of their attackers

The ‘hacker’ talent shortage: What organizations can learn from the recruitment efforts of their attackers

February 24, 2016 | 5 Min Read

The seventh annual (ISC)² Global Workforce Survey estimates that there will be a shortage of information security professionals by 2020. Ask...
Using News Reports as a Source of Intelligence

Using News Reports as a Source of Intelligence

February 23, 2016 | 4 Min Read

It’s often tempting to overplay the importance of exploring dark and deep web sources in providing intelligence value. However, there’s...
OpOlympicHacking: A hurdle for Rio’s sponsors to vault

OpOlympicHacking: A hurdle for Rio’s sponsors to vault

February 22, 2016 | 3 Min Read

This month Anonymous Brazil and an affiliate group, known as ASOR Hack Team, announced the launch of the hacktivist operation,...
Why Go Through the Trouble to Tumble?

Why Go Through the Trouble to Tumble?

February 17, 2016 | 3 Min Read

Today you can purchase a pizza in Berlin and pay for it from a digital wallet located on a computer...
Another SANS Cyber Threat Intelligence Summit is in the books

Another SANS Cyber Threat Intelligence Summit is in the books

February 11, 2016 | 5 Min Read

Last Thursday we wrapped up the 4th annual SANS Cyber Threat Intelligence (CTI) Summit. I have presented at all four...
Waiter, there’s a hole in my intelligence collection!

Waiter, there’s a hole in my intelligence collection!

February 10, 2016 | 3 Min Read

We’re all swimming in data. There’s data everywhere. From packet captures to reputation feeds, it feels like there is a...
Relevance: The missing ingredient of cyber threat intelligence

Relevance: The missing ingredient of cyber threat intelligence

February 8, 2016 | 3 Min Read

Today we’ve announced the closing of our Series B investment round, led by Trinity Ventures. This $14 million will give...
Surviving the threats posed by PoS malware

Surviving the threats posed by PoS malware

February 2, 2016 | 3 Min Read

These days, you can’t go into a store or mall without being asked to use a point of sale (PoS)...
“Largest cyber attack” on Israel lacks power

“Largest cyber attack” on Israel lacks power

February 1, 2016 | 3 Min Read

On 26 January, Yuval Steinitz, the Israeli Minister of Infrastructure, Energy and Water Resources, announced to the 2016 CyberTech Conference...
Why I joined Digital Shadows

Why I joined Digital Shadows

January 28, 2016 | 3 Min Read

Departing Forrester Research wasn’t an easy decision; it was a great job. I was able to help guide the security...
Digital Shadows honored as Bloomberg Business Top Innovator

Digital Shadows honored as Bloomberg Business Top Innovator

January 26, 2016 | 1 Min Read

We’re pleased to announce that Bloomberg Business has named Digital Shadows as one of the top breakthrough and disruptive businesses...
Escalation in OpKillingBay

Escalation in OpKillingBay

January 25, 2016 | 3 Min Read

There has been a noticeable recent increase in activity surrounding the OpKillingBay operations – a hacktivist campaign attributed to the...
Criminal services – Bulletproof hosting

Criminal services – Bulletproof hosting

January 21, 2016 | 2 Min Read

Cybercrime can be a lucrative business if you do it well. But how do criminals ensure the success of their...
Digital Shadows Welcomes Rick Holland as Vice President of Strategy

Digital Shadows Welcomes Rick Holland as Vice President of Strategy

January 19, 2016 | 1 Min Read

Last year was an exciting time for Digital Shadows; we opened our new co-headquarters in San Francisco, achieved over 400%...
The Strategic Corporal and Information Security

The Strategic Corporal and Information Security

January 18, 2016 | 3 Min Read

For those unfamiliar with the term “strategic corporal”, it sprung out of the conflicts in Afghanistan and Iraq. The concept...
DD4BC Arrests: What Now for Extortion?

DD4BC Arrests: What Now for Extortion?

January 15, 2016 | 3 Min Read

Earlier this week, Europol published a press release stating that an individual suspected of being a “key member” of the...
A Complex Threat Landscape

A Complex Threat Landscape

January 13, 2016 | 2 Min Read

Achieving a better understanding of the threat landscape is key for organizations; the better they know their enemies, the better...
RATs: Invasion of Your Privacy

RATs: Invasion of Your Privacy

January 11, 2016 | 2 Min Read

When most people hear the word “RAT” they envision a large rodent that dines in dumpsters while seeking solace in...
Digital Currency and Getting Paid In The Underground

Digital Currency and Getting Paid In The Underground

January 6, 2016 | 3 Min Read

It’s been said that money makes the world go round.  People expect to be paid for their time, goods, and...
Lots to learn? Academia and intelligence

Lots to learn? Academia and intelligence

January 4, 2016 | 3 Min Read

With the ongoing emergence of CTI you could be forgiven for thinking that the discipline of intelligence was new. But...