Blog & Resources 2017

The latest advice, opinion and research from our dedicated intelligence analyst team.

What Attackers Want for Christmas

December 22, 2017 | 4 Min Read

Our guest author Krampus has a special blog post for the Team with the festive Red colours: Christmas lists are always a problem, here are some examples to get attackers thinking during the...


OL1MP: A Telegram Bot Making Carding Made Easy This Holiday Season

December 21, 2017 | 3 Min Read

Back in July, we published our research on the carding ecosystem, specifically on an online course that teaches carders how...

‘Tis The Season To Do Predictions – The 2018 Cybersecurity Landscape

December 18, 2017 | 3 Min Read

This post originally appeared on Huffington Post. Every year around this time all the security businesses and analysts leap for...

Why I Joined Digital Shadows: Product, Culture and Opportunity

December 13, 2017 | 2 Min Read

Making the decision to join Digital Shadows was actually a relatively straightforward decision for me, as it was impossible...

A New CISO Looking to See How Deep the Rabbit Hole Goes

December 12, 2017 | 2 Min Read

Well it is official, I’m now the Chief Information Security Officer here at Digital Shadows. It has been a while since...

Digital Shadows’ Most Popular Blogs of 2017: Analysis of Competing Hypotheses For The Win

December 12, 2017 | 3 Min Read

This time last year, we looked back at the blogs that caught our readers’ attention the most. In 2016, it...

Meet the New Digitalshadows.com

November 29, 2017 | 2 Min Read

This morning we launched the new Digital Shadows website. Our main goal of creating this new website was to make...

Risks to Retail: Cybercriminals Sharing the Joy This Holiday Season

November 21, 2017 | 3 Min Read

Despite some early deals, Black Friday officially begins on 24th November, kick-starting over a month of consumer spending over the holiday...

GDPR – Not Just a European Concern

November 20, 2017 | 6 Min Read

This post originally appeared on SecurityWeek. The recent Equifax breach that has been all over the news raises an interesting question:...

Fake News is More Than a Political Battlecry

November 16, 2017 | 3 Min Read

This week, British Prime Minister Theresa May came out and attacked Russia’s attempt to “weaponize information” in hostile actions against western states....

Why “Have a Safe Trip” Is Taking On Greater Meaning

November 14, 2017 | 5 Min Read

This post originally appeared on SecurityWeek. Have a safe trip! Typically, when we wish someone well before they leave on a...

Know Where to Find Your Digital Risk

November 10, 2017 | 4 Min Read

This post originally appeared on SecurityWeek. Read more from CEO Alastair Paterson. Approximately 250 years ago Samuel Johnson said, “The next...

Pwnage to Catalonia: Five Things We Know About OpCatalunya

November 2, 2017 | 5 Min Read

Since October 24th, Digital Shadows has observed an increase in attack claims and social media activity associated with the OpCatalunya...

ICS Security: Strawmen In the Power Station

October 31, 2017 | 5 Min Read

Congrats, it is now almost November and we have nearly made it through Cyber Security Awareness month (and what a...

Extorters Going to Extort: This Time Other Criminals Are the Victims

October 26, 2017 | 3 Min Read

We are increasingly used to the tactic of extorting a company through the threat actor publicly releasing data. The recent...

Women in Security: Where We Are And Where We Need To Go

October 25, 2017 | 7 Min Read

Ada Lovelace, Grace Hopper, Katherine Johnson, Radia Perlman—some of history’s greatest technical minds have been women. However, since the mid-1980s, there...

Trust vs Access: A Tale of Two Vulnerability Classes

October 20, 2017 | 5 Min Read

It’s been a big week in cyberspace, with high profile crypto vulnerabilities KRACK (affecting WPA2) and ROCA (affecting RSA keys generated by Infineon hardware)...

Key Reinstallation Attacks (KRACK): The Impact So Far

October 16, 2017 | 4 Min Read

Today, a series of high-severity vulnerabilities affecting the WiFi Protected Access II (WPA2) protocol were disclosed. Security researchers have developed...

Simply Put, Effective Cybersecurity is the Strength Sum of Its Parts

October 11, 2017 | 2 Min Read

Today’s cybersecurity landscape, dominated as it is by professional threat actors, state sponsored attackers and hacktivists, requires a more consistent...

Simple Steps to Online Safety

October 5, 2017 | 4 Min Read

On the heels of some very high-profile and disturbing data breaches, this year’s Cyber Security Awareness Month is timely. This...

Gearing Up For National Cyber Security Awareness Month

October 3, 2017 | 4 Min Read

I’m going to go out on a limb and say that I’m probably not the only one that’s pleased to...

2017 Equifax Breach: Impact and Lessons Learned

September 28, 2017 | 3 Min Read

Equifax experienced a data breach that occurred in mid-May 2017, was first discovered on 29 Jul 2017, and was publicly...

Recognition of Hard Work and Relevance – It’s Time to Go Global

September 20, 2017 | 3 Min Read

The news this morning that Digital Shadows has received $26 million in Series C funding from a number of new investors is...

Bringing Down the Wahl: Three Threats to the German Federal Election

September 14, 2017 | 7 Min Read

Hacking has become the boogie man of political election discourse. In Kenya, the recent presidential election result was forcibly annulled...

An Update on the Equifax Data Breach

September 13, 2017 | 8 Min Read

The credit reporting agency Equifax reported on September 7th, that it had been breached. On Friday, we outlined what we knew...

Equifax Breach: The Impact For Enterprises and Consumers

September 8, 2017 | 9 Min Read

What we know about the Equifax breach On September 7th, credit reporting agency Equifax announced “a cybersecurity incident potentially impacting...

Return of the Worm: A Red Hat Analysis

September 7, 2017 | 4 Min Read

A computer worm is a piece of malware that is designed to replicate itself in order to spread to other...

Content Delivery Networks (CDNs) Can Leave You Exposed – How You Might be Affected and What You Can Do About It

September 6, 2017 | 5 Min Read

Whether it was the Mirai botnet and Dyn or the “Cloudbleed” revelations, content delivery networks (CDNs) have been in the...

Bitglass: Compromised Credentials are Just One Way Your Corporate Data is Being Exposed

August 18, 2017 | 2 Min Read

A guest blog from Bitglass, read the original at https://www.bitglass.com/blog/datawatch-beware-of-careless-insiders  Every day, employees around the world use the cloud to perform...

Fluctuation in the Exploit Kit Market – Temporary Blip or Long-Term Trend?

August 16, 2017 | 5 Min Read

Exploit kit activity is waning. Collectively these malware distribution tools used to be a prominent method of infection. They rely...

All That Twitterz Is Not Gold: Why You Need to Rely on Multiple Sources of Intelligence

August 9, 2017 | 3 Min Read

Twitter has become an extremely valuable tool for security researchers; experts including Kevin Beaumont and PwnAllTheThings frequently post research findings...

Cybercrime Finds a Way, the Limited Impact of AlphaBay and Hansa’s Demise

August 7, 2017 | 5 Min Read

The law enforcement operations that took down the AlphaBay and Hansa marketplaces were meant to strike a sizable blow to...

Reading Your Texts For Fun and Profit – How Criminals Subvert SMS-Based MFA

August 1, 2017 | 4 Min Read

Why Multi Factor? Read almost any cyber security related news and you will start to see why using a password...

What is a Threat Model, and Why Organizations Should Care

July 31, 2017 | 4 Min Read

Many organizations are exquisitely aware that they are the target of a wide-range of cyber-attacks: from targeted intrusions to mere...

Fraudsters Scoring Big – an Inside Look at the Carding Ecosystem

July 18, 2017 | 3 Min Read

In season two of the Netflix series Narcos, Pablo Escobar points out that: “I’m not a rich person. I’m a...

The Future of Marketplaces: Forecasting the Decentralized Model

July 17, 2017 | 4 Min Read

Last week we wrote about the disappearance of AlphaBay dark web marketplace and assessed three potential scenarios to look out...

AlphaBay Disappears: 3 Scenarios to Look For Next

July 14, 2017 | 6 Min Read

The AlphaBay dark web marketplace has been inaccessible since 05 Jul 2017. With no substantive explanation from the site’s owners,...

Threat Led Penetration Testing – The Past, Present and Future

July 10, 2017 | 5 Min Read

What is Threat Led Penetration Testing? Threat led penetration testing is, in essence, using threat intelligence to emulate the tactics,...

Petya-Like Wormable Malware: The “Who” and the “Why”

June 30, 2017 | 7 Min Read

Late on 27 June, the New York Times reported that a number of Ukrainian banks and Ukrenergo, the Ukrainian state...

Keep Your Eyes on the Prize: Attack Vectors are Important But Don’t Ignore Attacker Goals

June 23, 2017 | 5 Min Read

Reporting on intrusions or attacks often dwells on the method that the attackers used to breach the defenses of a...

Threats From the Dark Web

June 26, 2017 | 5 Min Read

Despite the hype associated with the dark web, maintaining visibility into it is an important component of a comprehensive digital...

WannaCry: An Analysis of Competing Hypotheses – Part II

June 7, 2017 | 7 Min Read

Following the furore of last month’s WannaCry ransomware attacks, Digital Shadows produced an Analysis of Competing Hypotheses (ACH) table to...

7 Tips for Protecting Against Account Takeovers

May 22, 2017 | 3 Min Read

In May 2017, an amalgamation of over 1 billion credentials was uploaded to the Have I Been Pwned database. One...

WannaCry: An Analysis of Competing Hypotheses

May 18, 2017 | 6 Min Read

On 12 May 2017, as the WannaCry ransomware spread across computer networks across the world, a variety of explanations also...

Digital Shadows’ 6th Anniversary

May 16, 2017 | 5 Min Read

It’s amazing to think that the idea James and I began working on from a kitchen table in London in...

5 Lessons from WannaCry: Preventing Attacks with Security Engineering

May 16, 2017 | 5 Min Read

With the recent news storm concerning the “WannaCry” ransomware worm, a great deal of mitigation advice has been provided. This...

WannaCry: The Early 2000s Called, They Want Their Worms Back

May 12, 2017 | 3 Min Read

Earlier today it was revealed that the United Kingdom’s National Health Service was targeted by ransomware known as “WannaCry.” Sixteen...

Authentication Nation: 5 Ways NIST is Changing How We Think About Passwords

May 9, 2017 | 4 Min Read

Passwords have taken a beating over the past several years, and there seems to be little question among leading practitioners...

The 3 Pillars of Digital Risk Management: Part 3 – The Top 5 Main Risks of Reputational Damage

April 27, 2017 | 2 Min Read

In this 3-part blog series, we discuss how each of the 3 pillars, Cyber Threat, Data Leakage, and Reputational Damage,...

The Usual Suspects: Understanding the Nuances of Actors’ Motivations and Capabilities

April 21, 2017 | 3 Min Read

When it comes to their adversaries, organizations can still fall into the trap of focusing on the ‘usual suspects’. At...

Liberté, égalité, securité: 4 Threats to the French Presidential Election

April 20, 2017 | 5 Min Read

French citizens will take to the polls on April 23rd to vote for a new president. If, as expected, no...

The 3 Pillars of Digital Risk Management: Part 2 – The 6 Main Areas That Contribute to Data Leakage Risks

April 18, 2017 | 2 Min Read

In this 3-part blog series, we discuss how each of the 3 pillars, Cyber Threat, Data Leakage, and Reputational Damage,...

The 3 Pillars of Digital Risk Management: Part 1 Understanding Cyber Threats

April 13, 2017 | 3 Min Read

What is Digital Risk Management? The National Institute of Standards and Technology (NIST) defines the field of risk management as:...

All Sources Are Not the Same; Why Diversity Is Good for Intelligence

April 11, 2017 | 3 Min Read

As we all know, if you listen to just one side of the story, very often you don’t get the...

Monitoring the Mobile Threat Landscape

April 4, 2017 | 4 Min Read

The UK’s National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) released a joint paper on the cyber...

OpIsrael Hacktivists Targeted By Unknown Threat Actor

March 30, 2017 | 3 Min Read

Ideologically-motivated “hacktivist” actors can present a variety of threats to organizations from defacements, to denial of service attacks and sometimes...

Turk Hack Team and the “Netherlands Operation”

March 29, 2017 | 4 Min Read

Since mid-March, Turk Hack Team have been participating in a new campaign called “Netherlands Operation”, announced via their official Twitter...

Tax Fraud in 2017

March 27, 2017 | 4 Min Read

The IRS recently released an alert that warned tax professionals and taxpayers to be wary of last minute email scams....

Dutch Elections – Looking Back at Cyber Activity

March 21, 2017 | 3 Min Read

Last week, I wrote about the potential threats to the Dutch national election. But what actually happened? On 14 March...

Five Reasons Why Alex Seton VP of Business and Corporate Development, Joined Digital Shadows

March 21, 2017 | 3 Min Read

What a great feeling to find a company that cuts through today’s noisy and crowded security market to address an...

5 Risks Posed By Mobile Applications That SearchLight Helps You Manage

March 14, 2017 | 2 Min Read

Organizations face a wide range of risks online, including cyber threats, data leakage and reputational damage. (You can learn more...

Back to the red pencil – Cyber threats to the Dutch elections

March 13, 2017 | 5 Min Read

Over the weekend, media reports surfaced about the fears of Russian interference in UK elections, with GCHQ reportedly warning political...

Learning from the Top Threats Financial Services Faced in 2016

March 8, 2017 | 2 Min Read

Organizations operating within the financial services industry represent an attractive target for threat actors. Here’s three types of threat facing...

New “Blaze” exploit kit claims to exploit recent Cisco WebEx vulnerability

March 2, 2017 | 4 Min Read

A previously undetected exploit kit has been offered for sale on the clear web forum HackForums since February 8, 2017...

Step by Step: The Changing Face of Threat Led Penetration Testing

February 28, 2017 | 4 Min Read

Organizations are increasingly adopting the threat led approach to penetration testing. This approach essentially advances the boundaries of conventional penetration...

Sun to Set on BEPS/Sundown Exploit Kit?

February 22, 2017 | 4 Min Read

On February 13, 2017, the security researcher David Montenegro (@CryptoInsane) posted a series of tweets claiming that the source code...

Four Things to Look Out for This Valentine’s Day

February 14, 2017 | 4 Min Read

Consumers are increasingly moving to the Internet for their holiday purchases—and Valentine’s Day is no exception. According to the National...

An unusually Swift(tay) malware delivery tactic

February 9, 2017 | 5 Min Read

While doing some background research into recent reporting by Dr Web on a newly identified version of Mirai, we made...

F3EAD: Find, Fix, Finish, Exploit, Analyze and Disseminate – The Alternative Intelligence Cycle

February 8, 2017 | 4 Min Read

The F3EAD cycle (Find, Fix, Finish, Exploit, Analyze and Disseminate) is an alternative intelligence cycle commonly used within Western militaries...

How the Frenzy Unfolded: Analyzing Various Mongo Extortion Campaigns

February 7, 2017 | 4 Min Read

The MongoDB “ransom” pandemic, which has been in the spotlight for the best part of a month, still appears to...

Ready for the Blitz: Assessing the Threats to Super Bowl LI

February 2, 2017 | 4 Min Read

Like any major event, Super Bowl LI brings with it the heightened risk of malicious cyber activity. The lead up...

Making Cents of ATM Malware Campaigns – Comparing and Contrasting Operational Methodologies

January 30, 2017 | 4 Min Read

Throughout 2016 some of the most notable reporting on criminal activity targeting the financial sector related to the use of...

Dial “M” for malware: Two-factor scamming

January 26, 2017 | 4 Min Read

Adversaries are developing new ways of attacking you using old forms of communication. Make sure your communication of this issue...

Innovation in The Underworld: Reducing the Risk of Ripper Fraud

January 23, 2017 | 7 Min Read

Reputation is incredibly important for business. This also applies to cyber criminals who buy and sell goods and services in...

Known Unknowns: Key Events to Keep Your Eyes Out for in 2017

January 19, 2017 | 3 Min Read

On Friday, millions will tune in to see Donald Trump inaugurated as the President of the United States. This will...

Two Ways to Effectively Tailor Your Intelligence Products

January 17, 2017 | 4 Min Read

In my previous blog, “Trump and Intelligence: 6 ways to deal with challenging intelligence consumers,” I focused on six ways...

All You Can Delete MongoDB Buffet

January 12, 2017 | 4 Min Read

A number of extortion actors were detected accessing unauthenticated MongoDB installations and replacing their contents with a ransom note, usually...

10 Ways You Can Prepare for DDoS Attacks in 2017

January 11, 2017 | 1 Min Read

At the end of last month, we published a paper that forecasted the DDoS landscape for 2017. By using the...

Trump and Intelligence: 6 Ways To Deal With Challenging Intelligence Consumers

January 4, 2017 | 4 Min Read

It is no secret the President Elect Trump is skeptical of the Intelligence Community (IC). He has openly questioned Russia/US...