Digital Shadows to be Acquired by ReliaQuest

Year: 2022

2022

Market differentiation: Cybercriminal forums’ unusual features designed to attract users

June 30, 2022 | 13 Min Read

After a tumultuous few months at the start of the year in which each week seemed to bring a major development in the cybercrime scene, we’ve been enjoying a period of relative stability in the...
Market differentiation: Cybercriminal forums’ unusual features designed to attract users

Market differentiation: Cybercriminal forums’ unusual features designed to attract users

June 30, 2022 | 13 Min Read

After a tumultuous few months at the start of the year in which each week seemed to bring a major...
NATO Leaders are Meeting at the Madrid Summit 2022: What is going to happen?

NATO Leaders are Meeting at the Madrid Summit 2022: What is going to happen?

June 28, 2022 | 6 Min Read

Today, the leaders of the North Atlantic Treaty Organization (NATO) are gathering in Madrid, Spain for their annual Summit, where...
Credential stuffing: What is it, are you at risk?

Credential stuffing: What is it, are you at risk?

June 23, 2022 | 6 Min Read

You may have read about the recent attack affecting motoring powerhouse General Motors (GM), that resulted in significant numbers of...
Vulnerability Intelligence Roundup: Leveraging the OODA Loop for Vulnerability Management

Vulnerability Intelligence Roundup: Leveraging the OODA Loop for Vulnerability Management

June 21, 2022 | 8 Min Read

Picture this, you are an analyst working in a large security operations center (SOC) responding to an overwhelming amount of...
POLONIUM: Proxy Warfare and Iran’s Cyber Strategy

POLONIUM: Proxy Warfare and Iran’s Cyber Strategy

June 20, 2022 | 7 Min Read

In June 2022, Microsoft reported that a new advanced persistent threat (APT) group was wreaking havoc on Israeli organizations. The...
Weak credentials are fueling a new generation of cyber threats

Weak credentials are fueling a new generation of cyber threats

June 15, 2022 | 7 Min Read

In the coming week, Digital Shadows will release a research report highlighting the significant risk facing organizations and individuals from...
Ransomware gangs and PR stunts: Why LockBit faked a ransomware attack against Mandiant

Ransomware gangs and PR stunts: Why LockBit faked a ransomware attack against Mandiant

June 10, 2022 | 5 Min Read

Ransomware groups have extensively improved their tactics to behave in an increasingly professional and corporate-like manner; this has allowed groups...
Killnet: The Hactivist Group That Started A Global Cyber War

Killnet: The Hactivist Group That Started A Global Cyber War

June 8, 2022 | 7 Min Read

Since the beginning of the Russia-Ukraine war, hacktivism has experienced a substantial resurgence, with many hacktivist groups being created in...
The next stage of our journey – Digital Shadows to join ReliaQuest

The next stage of our journey – Digital Shadows to join ReliaQuest

June 1, 2022 | 6 Min Read

I am delighted to announce that Digital Shadows has entered a definitive agreement to be acquired by ReliaQuest pending customary...
Russian prison culture and slang on cybercriminal forums: Can you cram on the hairdryer?

Russian prison culture and slang on cybercriminal forums: Can you cram on the hairdryer?

May 31, 2022 | 10 Min Read

In a few previous blogs, we’ve covered how threat actors discuss prison on Russian-language cybercriminal platforms. We’ve touched on high-profile...
Account takeover: Are you opening the door for cyber threat actors?

Account takeover: Are you opening the door for cyber threat actors?

May 25, 2022 | 6 Min Read

In 2020, our research report on account takeover (ATO) highlighted the risk of using credentials in an unsafe manner, which...
Vulnerability Intelligence Round Up:  The Good, The Bad, and The Risky

Vulnerability Intelligence Round Up: The Good, The Bad, and The Risky

May 19, 2022 | 6 Min Read

There is a saying derived from Western movies that say whoever draws first, loses the duel. Nick Bohr, a famous...
What we’re reading this month: May 2022

What we’re reading this month: May 2022

May 18, 2022 | 7 Min Read

Where is the year going? It only seems like yesterday that we celebrated the turn of the year, with the...
Advanced persistent threat group feature: Mustang Panda

Advanced persistent threat group feature: Mustang Panda

May 17, 2022 | 7 Min Read

Advanced persistent threat (APT) groups are often tricky to wrap your head around. By their nature, state-associated groups are well-resourced...
Five years after the WannaCry dumpster fire, ransomware remains a global threat

Five years after the WannaCry dumpster fire, ransomware remains a global threat

May 11, 2022 | 7 Min Read

It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held...
ALPHV: The First Rust-Based Ransomware

ALPHV: The First Rust-Based Ransomware

May 6, 2022 | 7 Min Read

In late 2021, we observed a new ransomware operation named “ALPHV” (also known as BlackCat) emerge. The group operates as...
Colonial Pipeline One Year Later: What’s Changed?

Colonial Pipeline One Year Later: What’s Changed?

May 4, 2022 | 10 Min Read

For the first half of 2021, ransomware groups looked unstoppable. Ransomware gangs were adding victim after victim on their dark...
The Russia – Ukraine war: Two months in

The Russia – Ukraine war: Two months in

April 28, 2022 | 10 Min Read

The two-month mark of the Russia and Ukraine war has passed, with Russia almost certainly having failed to meet its...
Opportunity in the midst of chaos: Russian-speaking cybercriminals grapple with sanctions and forum takedowns

Opportunity in the midst of chaos: Russian-speaking cybercriminals grapple with sanctions and forum takedowns

April 27, 2022 | 8 Min Read

As a threat intelligence professional, it’s difficult to ignore how major developments in the real world affect the lives of...
The Power Of Data Analysis In Threat Intelligence – Part 2: Machine Learning

The Power Of Data Analysis In Threat Intelligence – Part 2: Machine Learning

April 21, 2022 | 12 Min Read

This blog is the second part of our Data Analysis in Threat Intelligence series, where we focus on the tools...
What We’re Reading This Month: April 2022

What We’re Reading This Month: April 2022

April 20, 2022 | 7 Min Read

As an intelligence analyst, it’s paramount to stay on top of what’s happening in the world around you. To inform...
The role of Non-Fungible Tokens (NFTs) in facilitating cybercrime

The role of Non-Fungible Tokens (NFTs) in facilitating cybercrime

April 20, 2022 | 8 Min Read

You’d have to have been living under a rock to have avoided the excitement surrounding Non-Fungible-Tokens (NFTs) in the last...
Q1 2022 Vulnerability Roundup

Q1 2022 Vulnerability Roundup

April 14, 2022 | 6 Min Read

In the first quarter of 2022, several high-severity vulnerabilities were targeted by threat actors to facilitate malicious campaigns. The first...
 Q1 2022 Ransomware Roundup

 Q1 2022 Ransomware Roundup

April 12, 2022 | 12 Min Read

As the new year has reached the end of its first quarter, it’s time for us to go back and...
Intelligence Collection Plans: Preparation breeds success

Intelligence Collection Plans: Preparation breeds success

April 7, 2022 | 6 Min Read

It’s been a little over a month since I wrote about how intelligence requirements (IRs) can help plan a cyber...
Team A vs Team B: What is Motivating Lapsus$?

Team A vs Team B: What is Motivating Lapsus$?

April 6, 2022 | 8 Min Read

In the past few weeks, the Lapsus$ threat group captured the security community’s attention with a series of brazen and...
Five things we learned from the Conti chat logs

Five things we learned from the Conti chat logs

April 5, 2022 | 11 Min Read

At the end of February, the cybersecurity community was rocked by the appearance of alleged chat logs recording conversations between...
The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining

The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining

March 31, 2022 | 8 Min Read

In 2020, there was an estimated 59 trillion gigabytes of data in the world. Most of which was created in...
“Your rubles will only be good for lighting a fire”: Cybercriminals reel from impact of sanctions

“Your rubles will only be good for lighting a fire”: Cybercriminals reel from impact of sanctions

March 29, 2022 | 10 Min Read

Since Russia’s invasion of Ukraine in February, the Digital Shadows Photon team has been following multiple aspects of the tragic...
Vulnerability Intelligence Round-up: Russia-Ukraine War

Vulnerability Intelligence Round-up: Russia-Ukraine War

March 24, 2022 | 6 Min Read

One month ago, the Russian government began the invasion of Ukraine, triggering one of the most severe security crises in...
The Okta breach: What we know so far

The Okta breach: What we know so far

March 23, 2022 | 10 Min Read

What we know about the Okta breach, Lapsus$ group, and what you can do today to protect your...
Russia’s Second Front: The War on Information

Russia’s Second Front: The War on Information

March 22, 2022 | 9 Min Read

You would think that it would be nearly impossible to industrialize propaganda in the 21st century, especially with the tremendous...
Meet Lapsus$: An Unusual Group in the Cyber Extortion Business

Meet Lapsus$: An Unusual Group in the Cyber Extortion Business

March 17, 2022 | 5 Min Read

In December 2021, a new cyber threat group began attracting the security community’s attention, after conducting several high-profile extortion attacks...
The Russia-Ukraine War And The Revival Of Hacktivism

The Russia-Ukraine War And The Revival Of Hacktivism

March 16, 2022 | 4 Min Read

The international reaction to the Russian invasion of Ukraine has manifested in a few distinct ways, as outlined in our...
Biden’s Executive Order on Crypto: What you need to know

Biden’s Executive Order on Crypto: What you need to know

March 15, 2022 | 7 Min Read

On 9 Mar 2022 US President Biden signed a new executive order (EO) to ensure the responsible development of cryptocurrency...
Exploring SIM Swapping Services on Cybercriminal Forums

Exploring SIM Swapping Services on Cybercriminal Forums

March 10, 2022 | 10 Min Read

If you’ve made it to 2022 (congratulations), there’s a fairly good chance you own a mobile phone (again, congrats). You’re...
Can cryptocurrency be used to bypass the impact of sanctions being applied against Russia?

Can cryptocurrency be used to bypass the impact of sanctions being applied against Russia?

March 9, 2022 | 10 Min Read

In an interview on 28 Feb 2022, former Presidential candidate Hillary Clinton criticized several cryptocurrency exchanges that had decided against...
What We’re Reading this Month: March 2022

What We’re Reading this Month: March 2022

March 3, 2022 | 7 Min Read

Roll up roll up, it’s that time for the monthly what we’re reading blog, in which some of us in...
Intelligence Requirements: Planning your cyber response to the Russia-Ukraine war

Intelligence Requirements: Planning your cyber response to the Russia-Ukraine war

March 1, 2022 | 11 Min Read

At the end of last week, Digital Shadow’s CISO, Rick Holland, released his blog Russian Cyber Threats: Practical Advice For...
Cybercriminals React to Ukraine-Russia Conflict

Cybercriminals React to Ukraine-Russia Conflict

February 25, 2022 | 7 Min Read

As the world reacted to Russia’s invasion of Ukraine on 24 Feb 2022, cybercriminals were also formulating their own opinions...
Russian Cyber Threats: Practical Advice For Security Leaders

Russian Cyber Threats: Practical Advice For Security Leaders

February 25, 2022 | 11 Min Read

As I spent Wednesday night doom scrolling into the early hours of the morning, I felt pretty powerless as I...
Russia Invades Ukraine: What happens next?

Russia Invades Ukraine: What happens next?

February 24, 2022 | 5 Min Read

On 23 Feb 2022,  Russian forces started a military operation targeting Ukraine. Reporting indicates that shelling in several Ukrainian cities...
Recruitment Fraud in 2022

Recruitment Fraud in 2022

February 23, 2022 | 3 Min Read

Earlier this month, the FBI released a public service announcement titled “Scammers Exploit Security Weaknesses on Job Recruitment Websites to...
Of Death and Taxes: File Early To Beat The Scammers

Of Death and Taxes: File Early To Beat The Scammers

February 22, 2022 | 7 Min Read

Tax season has officially started! The Internal Revenue Service (IRS) of the US will be accepting tax returns between January...
“No cards = no work = no money”: Russian law enforcement’s assault on carding platforms

“No cards = no work = no money”: Russian law enforcement’s assault on carding platforms

February 18, 2022 | 9 Min Read

Arguably the biggest cybersecurity event of the year so far was the Russian Federal Security Service (FSB) arresting suspected members...
Initial Access Brokers in 2021: An Ever Expanding Threat

Initial Access Brokers in 2021: An Ever Expanding Threat

February 16, 2022 | 11 Min Read

To say that 2021 was a turbulent year for security teams would be a massive understatement. Last year, we observed...
Automate Alert Investigation and Response with XSOAR and SearchLight

Automate Alert Investigation and Response with XSOAR and SearchLight

February 11, 2022 | 3 Min Read

We are excited to announce an expanded set of XSOAR playbooks that make use of Digital Shadows intelligence. In this...
Valentine’s Day: Share your love, not your credentials

Valentine’s Day: Share your love, not your credentials

February 9, 2022 | 6 Min Read

Roses are red, violets are blue. Your files are encrypted. Please send BTC to address two twenty-two.  As the yearly...
Growing Tension Between Russia and Ukraine: Should you be concerned?

Growing Tension Between Russia and Ukraine: Should you be concerned?

February 9, 2022 | 9 Min Read

Russia and Ukraine have had a particularly tense relationship since Russia’s annexation of Crimea in 2014. In the past weeks,...
CVEs You Might Have Missed While Log4j Stole the Headlines

CVEs You Might Have Missed While Log4j Stole the Headlines

February 8, 2022 | 19 Min Read

The past three months have been a particularly challenging time for security teams. 2021 rounded off in the most spectacular...
Beijing 2022: Why you should or shouldn’t care about the Winter Olympics

Beijing 2022: Why you should or shouldn’t care about the Winter Olympics

February 3, 2022 | 9 Min Read

When asked to write about the Winter Olympic Games this year, I immediately thought about my alpine holiday in Niseko....
What We’re Reading This Month – January 2022

What We’re Reading This Month – January 2022

February 2, 2022 | 8 Min Read

January. The month also known as the time of the year where most of the Great New Year’s Resolutions come...
Vulnerability Intelligence: Introducing SearchLight’s Newest Capability

Vulnerability Intelligence: Introducing SearchLight’s Newest Capability

January 31, 2022 | 4 Min Read

Digital Shadows’ new vulnerability intelligence capability brings a unique context to CVEs. Armed with this intelligence, security teams can better...
Life in Prison: The Cybercriminal Perspective

Life in Prison: The Cybercriminal Perspective

January 27, 2022 | 9 Min Read

While some of us might be taking it easy after the excesses of the Christmas period, January certainly hasn’t been...
Vulnerability Intelligence: A Best Practice Guide

Vulnerability Intelligence: A Best Practice Guide

January 26, 2022 | 4 Min Read

Vulnerability intelligence is fast emerging as one of the most valued threat intelligence use cases. It provides information about how...
Navigating the Threat Intelligence Market in 2022

Navigating the Threat Intelligence Market in 2022

January 20, 2022 | 4 Min Read

Every year attacks become more prevalent and more sophisticated. Last year was no exception. If you then throw in a...
Ransomware Q4 Overview

Ransomware Q4 Overview

January 19, 2022 | 12 Min Read

2021 has finally come to an end and it is time for us to look back at some of the...
Making Sense of the REvil Arrests

Making Sense of the REvil Arrests

January 14, 2022 | 7 Min Read

On 14 January 2022, our seemingly quiet Friday afternoons were shattered by a piece of breaking news, detailing the arrest...
How Do Ransomware Groups Launder Payments?

How Do Ransomware Groups Launder Payments?

January 10, 2022 | 7 Min Read

Ransomware continued to represent arguably the biggest headache for incident responders and blue teams in 2021, and the upcoming year...
Cyber Threats to Education

Cyber Threats to Education

January 6, 2022 | 3 Min Read

Universities and higher education institutions were some of the most popular targets in 2021. According to Microsoft, education is the...