Digital Shadows to be Acquired by ReliaQuest

Category: Cybercrime and Dark Web Research

Cybercrime and Dark Web Research

Market differentiation: Cybercriminal forums’ unusual features designed to attract users

June 30, 2022 | 13 Min Read

After a tumultuous few months at the start of the year in which each week seemed to bring a major development in the cybercrime scene, we’ve been enjoying a period of relative stability in the...
Market differentiation: Cybercriminal forums’ unusual features designed to attract users

Market differentiation: Cybercriminal forums’ unusual features designed to attract users

June 30, 2022 | 13 Min Read

After a tumultuous few months at the start of the year in which each week seemed to bring a major...
Credential stuffing: What is it, are you at risk?

Credential stuffing: What is it, are you at risk?

June 23, 2022 | 6 Min Read

You may have read about the recent attack affecting motoring powerhouse General Motors (GM), that resulted in significant numbers of...
Weak credentials are fueling a new generation of cyber threats

Weak credentials are fueling a new generation of cyber threats

June 15, 2022 | 7 Min Read

In the coming week, Digital Shadows will release a research report highlighting the significant risk facing organizations and individuals from...
Ransomware gangs and PR stunts: Why LockBit faked a ransomware attack against Mandiant

Ransomware gangs and PR stunts: Why LockBit faked a ransomware attack against Mandiant

June 10, 2022 | 5 Min Read

Ransomware groups have extensively improved their tactics to behave in an increasingly professional and corporate-like manner; this has allowed groups...
Russian prison culture and slang on cybercriminal forums: Can you cram on the hairdryer?

Russian prison culture and slang on cybercriminal forums: Can you cram on the hairdryer?

May 31, 2022 | 10 Min Read

In a few previous blogs, we’ve covered how threat actors discuss prison on Russian-language cybercriminal platforms. We’ve touched on high-profile...
Five years after the WannaCry dumpster fire, ransomware remains a global threat

Five years after the WannaCry dumpster fire, ransomware remains a global threat

May 11, 2022 | 7 Min Read

It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held...
ALPHV: The First Rust-Based Ransomware

ALPHV: The First Rust-Based Ransomware

May 6, 2022 | 7 Min Read

In late 2021, we observed a new ransomware operation named “ALPHV” (also known as BlackCat) emerge. The group operates as...
Colonial Pipeline One Year Later: What’s Changed?

Colonial Pipeline One Year Later: What’s Changed?

May 4, 2022 | 10 Min Read

For the first half of 2021, ransomware groups looked unstoppable. Ransomware gangs were adding victim after victim on their dark...
Opportunity in the midst of chaos: Russian-speaking cybercriminals grapple with sanctions and forum takedowns

Opportunity in the midst of chaos: Russian-speaking cybercriminals grapple with sanctions and forum takedowns

April 27, 2022 | 8 Min Read

As a threat intelligence professional, it’s difficult to ignore how major developments in the real world affect the lives of...
The role of Non-Fungible Tokens (NFTs) in facilitating cybercrime

The role of Non-Fungible Tokens (NFTs) in facilitating cybercrime

April 20, 2022 | 8 Min Read

You’d have to have been living under a rock to have avoided the excitement surrounding Non-Fungible-Tokens (NFTs) in the last...
 Q1 2022 Ransomware Roundup

 Q1 2022 Ransomware Roundup

April 12, 2022 | 12 Min Read

As the new year has reached the end of its first quarter, it’s time for us to go back and...
Team A vs Team B: What is Motivating Lapsus$?

Team A vs Team B: What is Motivating Lapsus$?

April 6, 2022 | 8 Min Read

In the past few weeks, the Lapsus$ threat group captured the security community’s attention with a series of brazen and...
Five things we learned from the Conti chat logs

Five things we learned from the Conti chat logs

April 5, 2022 | 11 Min Read

At the end of February, the cybersecurity community was rocked by the appearance of alleged chat logs recording conversations between...
“Your rubles will only be good for lighting a fire”: Cybercriminals reel from impact of sanctions

“Your rubles will only be good for lighting a fire”: Cybercriminals reel from impact of sanctions

March 29, 2022 | 10 Min Read

Since Russia’s invasion of Ukraine in February, the Digital Shadows Photon team has been following multiple aspects of the tragic...
Meet Lapsus$: An Unusual Group in the Cyber Extortion Business

Meet Lapsus$: An Unusual Group in the Cyber Extortion Business

March 17, 2022 | 5 Min Read

In December 2021, a new cyber threat group began attracting the security community’s attention, after conducting several high-profile extortion attacks...
Exploring SIM Swapping Services on Cybercriminal Forums

Exploring SIM Swapping Services on Cybercriminal Forums

March 10, 2022 | 10 Min Read

If you’ve made it to 2022 (congratulations), there’s a fairly good chance you own a mobile phone (again, congrats). You’re...
Intelligence Requirements: Planning your cyber response to the Russia-Ukraine war

Intelligence Requirements: Planning your cyber response to the Russia-Ukraine war

March 1, 2022 | 11 Min Read

At the end of last week, Digital Shadow’s CISO, Rick Holland, released his blog Russian Cyber Threats: Practical Advice For...
Cybercriminals React to Ukraine-Russia Conflict

Cybercriminals React to Ukraine-Russia Conflict

February 25, 2022 | 7 Min Read

As the world reacted to Russia’s invasion of Ukraine on 24 Feb 2022, cybercriminals were also formulating their own opinions...
Russia Invades Ukraine: What happens next?

Russia Invades Ukraine: What happens next?

February 24, 2022 | 5 Min Read

On 23 Feb 2022,  Russian forces started a military operation targeting Ukraine. Reporting indicates that shelling in several Ukrainian cities...
“No cards = no work = no money”: Russian law enforcement’s assault on carding platforms

“No cards = no work = no money”: Russian law enforcement’s assault on carding platforms

February 18, 2022 | 9 Min Read

Arguably the biggest cybersecurity event of the year so far was the Russian Federal Security Service (FSB) arresting suspected members...
Initial Access Brokers in 2021: An Ever Expanding Threat

Initial Access Brokers in 2021: An Ever Expanding Threat

February 16, 2022 | 11 Min Read

To say that 2021 was a turbulent year for security teams would be a massive understatement. Last year, we observed...
Valentine’s Day: Share your love, not your credentials

Valentine’s Day: Share your love, not your credentials

February 9, 2022 | 6 Min Read

Roses are red, violets are blue. Your files are encrypted. Please send BTC to address two twenty-two.  As the yearly...
Growing Tension Between Russia and Ukraine: Should you be concerned?

Growing Tension Between Russia and Ukraine: Should you be concerned?

February 9, 2022 | 9 Min Read

Russia and Ukraine have had a particularly tense relationship since Russia’s annexation of Crimea in 2014. In the past weeks,...
What We’re Reading This Month – January 2022

What We’re Reading This Month – January 2022

February 2, 2022 | 8 Min Read

January. The month also known as the time of the year where most of the Great New Year’s Resolutions come...
Life in Prison: The Cybercriminal Perspective

Life in Prison: The Cybercriminal Perspective

January 27, 2022 | 9 Min Read

While some of us might be taking it easy after the excesses of the Christmas period, January certainly hasn’t been...
Ransomware Q4 Overview

Ransomware Q4 Overview

January 19, 2022 | 12 Min Read

2021 has finally come to an end and it is time for us to look back at some of the...
Making Sense of the REvil Arrests

Making Sense of the REvil Arrests

January 14, 2022 | 7 Min Read

On 14 January 2022, our seemingly quiet Friday afternoons were shattered by a piece of breaking news, detailing the arrest...
How Do Ransomware Groups Launder Payments?

How Do Ransomware Groups Launder Payments?

January 10, 2022 | 7 Min Read

Ransomware continued to represent arguably the biggest headache for incident responders and blue teams in 2021, and the upcoming year...