Category: Cybercrime and Dark Web Research

Cyber Threats to the Tokyo 2020 Olympic Games

July 21, 2021 | 8 Min Read

Just a few weeks ago, Digital Shadows published a blog written by yours truly that analyzed the cyber threats to the UEFA EURO 2020 Championship. Little did I know that the biggest threat to that...
Q2 Ransomware Roll Up

July 20, 2021 | 9 Min Read

With the closing of another quarter, it’s once again time to have a look back at the cyber threat landscape...
Kaseya Attack Update: What’s Happened Since?

July 14, 2021 | 6 Min Read

A little over a week ago, we wrote a bit about what we knew about the Ransomware-as-a-Service (RaaS) operator group...
Kaseya Ransomware Supply-Chain Attack: What We Know So Far

July 5, 2021 | 7 Min Read

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software...
Why Do Users Get Banned from Cybercriminal Forums?

June 24, 2021 | 13 Min Read

Cybersecurity reporting tends to focus on stories about governments and law enforcement agencies moving to catch the threat actors responsible...
Threat Actors Living Off the Land

June 23, 2021 | 10 Min Read

Don’t underestimate your adversary—there are some security practitioners out there who might dismiss your everyday hackers and threat actors as...
Cyber Threats to the UEFA EURO 2020 Championship

June 9, 2021 | 7 Min Read

When I was first asked to write a blog about the UEFA EURO 2020 Championship, I immediately imagined going through...
The Business of Extortion: How Ransomware Makes Money

June 9, 2021 | 8 Min Read

We can’t stop talking about it: Ransomware. It’s dominating a lot of security news for sure, which also means it’s...
Cryptocurrency Attacks to be Aware of in 2021

June 8, 2021 | 10 Min Read

It’s been a pretty big year so far for cryptocurrency. After it reached an all-time high in April 2021, new...
The Top Three Cybercrime Takeaways from the 2021 Verizon DBIR

June 2, 2021 | 4 Min Read

The 2021 DBIR is still hot off the press, and it did not disappoint. For many years, Verizon’s Data Breach...
Cyber Attacks: The Challenge of Attribution and Response

June 1, 2021 | 11 Min Read

In December 2020, the world was rocked by an enormous supply chain attack against software provider Solarwinds, which provided unprecedented...
Death and Decay: How Cybercriminal Platforms Meet Their End

May 26, 2021 | 12 Min Read

At Digital Shadows, we’re constantly monitoring the status of cybercriminal locations on the clear, deep, and dark web. It’s a...
Ransomware-as-a-Service, Rogue Affiliates, and What’s Next

May 20, 2021 | 7 Min Read

Generating a chain of unforeseen events, the Colonial Pipeline ransomware attack has drastically altered the broader cyber threat landscape as...
Examining Russian-language Cybercriminal Marketplaces

May 18, 2021 | 10 Min Read

Our blogs have covered the fate of numerous cybercriminal marketplaces on the clear, deep, and dark web over the years....
Colonial Pipeline Attack Update: Cybercriminal forum XSS, Exploit and RaidForums ban all things ransomware

May 14, 2021 | 8 Min Read

One week ago, on 07 May 2021, members of the DarkSide ransomware affiliate program encrypted infrastructure belonging to the US...
Mapping MITRE ATT&CK to the WannaCry Campaign

May 12, 2021 | 8 Min Read

Learning from past mistakes is a crucial part of every job. Four years after WannaCry’s outbreak, analyzing which weak security...
Bitcoin and Alternative Cryptos in the Cybercriminal Underground

May 11, 2021 | 10 Min Read

The popularity of Bitcoin and cryptocurrencies continue to progress in the modern-day, with drastically surging valuations. Notably, Bitcoin surpassed its...
Colonial Pipeline Ransomware Attack: What we know so far

May 10, 2021 | 5 Min Read

On 07 May 2021, a ransomware attack impacted the network of the US energy operator Colonial Pipeline disrupting operations and...
The Technology Adoption Lifecycle of Genesis Market

May 4, 2021 | 5 Min Read

This blog highlights work from Digital Shadows’ recently-published Dark Web Monitoring Solutions Guide. The guide outlines some of the most...
The Dark Web Response to COVID Vaccinations

April 28, 2021 | 8 Min Read

There is light at the end of the coronavirus tunnel: Countries are now beginning a gradual return to normalcy thanks...
The Emotet Shutdown Explained

April 22, 2021 | 5 Min Read

Covered in our previous article on Emotet’s Disruption, Emotet has been seized by law enforcement. Authorities that managed to seize...
Q1 Vulnerability Roundup

April 20, 2021 | 8 Min Read

In the first quarter of 2021, several high-severity vulnerabilities were used as a conduit to solicit several malicious campaigns. This...
Q1 Ransomware Roundup

April 14, 2021 | 9 Min Read

Consistency is the first word that springs to mind when assessing ransomware activity throughout the Q1 of 2021. There have...
Initial Access Brokers Listings Increasing in 2021

April 13, 2021 | 7 Min Read

Since we first published our report Initial Access Brokers: An Excess of Access, Digital Shadows has continued to monitor this...
The Microsoft Exchange Server Exploit: What Happened Next

April 1, 2021 | 9 Min Read

It may be April Fool’s Day, but zero-day exploits detected in Microsoft Exchange Servers are no joke. It’s now been...
Tax and Unemployment Fraud in 2021

March 24, 2021 | 6 Min Read

It’s the most wonderful time of the year! Tax season again. In a decision to assist US taxpayers navigating the...
Arrest, Prosecution, and Incarceration: The Cybercriminal Perspective

March 22, 2021 | 10 Min Read

As we highlighted in our recent blog on Cybercriminal Law Enforcement Crackdowns in 2021, this year has been a busy...
Mapping MITRE ATT&CK to the Microsoft Exchange Zero-Day Exploits

March 11, 2021 | 7 Min Read

Note: This blog is a part of our MITRE ATT&CK Mapping series in which we map the latest major threat...
Year in Review: COVID-19 Concerns for Cybersecurity

March 10, 2021 | 7 Min Read

Note: This blog is a follow-up on our remote worker series on navigating security as organizations continue to work from...
Mapping MITRE ATT&CK to the DPRK Financial Crime Indictment

March 9, 2021 | 8 Min Read

Note: This blog is a part of our MITRE ATT&CK Mapping series in which we map the latest major threat...
The Right to Be Forgotten: Cybercriminal Forum Account Deletion

March 4, 2021 | 9 Min Read

We often hear lines like “your past will always catch up with you, no matter how hard you try to...
Cybercriminal Law Enforcement Crackdowns in 2021

March 2, 2021 | 9 Min Read

Note: This piece is a follow-up on our previous blog, Emotet Disruption: What it Means for the Cyber Threat Landscape,...
How to Monitor Initial Access Broker Listings in SearchLight

February 25, 2021 | 4 Min Read

By now, you might have caught wind of Photon’s new research on Initial Access Brokers (IABs). It’s a pretty awesome,...
Mapping MITRE ATT&CK to Compromised RDP Sales

February 23, 2021 | 8 Min Read

Digital Shadows recently published a free research paper titled Initial Access Brokers: An Excess of Access, outlining the emergence of...
The Rise of Initial Access Brokers

February 22, 2021 | 5 Min Read

Over the course of 2020, Digital Shadows detected over 500 cybercriminals’ listings advertising network access across a multitude of industry...
Cybercrime and Valentine’s Day: What to Look Out For

February 10, 2021 | 8 Min Read

Valentine’s Day is fast approaching and for many people that means one thing: going to the app store of their...
Emotet Disruption: what it means for the cyber threat landscape

February 3, 2021 | 8 Min Read

Last week, the European Union Agency for Law Enforcement Cooperation (EUROPOL) published a press release detailing the operation that led...
DarkMarket’s seizure: the decline of the marketplace?

February 2, 2021 | 6 Min Read

Once upon a time, a high-profile dark web marketplace seizure or exit scam would have been big news in the...
Joker’s Stash’s Final Deal: A turning point for AVCs?

January 28, 2021 | 12 Min Read

Back in December 2020, Digital Shadows reported that the Blockchain DNS domains for the infamous carding automated vending cart (AVC)...
Brexit 2021: implications for the security landscape

January 27, 2021 | 8 Min Read

Ok I’ll admit it, I feel pretty sorry for Boris Johnson. That doesn’t appear to be a particularly common consensus...
Ransomware: Analyzing the data from 2020

January 26, 2021 | 7 Min Read

Note: This blog is a roundup of our quarterly ransomware series. You can also see our Q2 Ransomware Trends, Q3...
Threats to Asset and Wealth Management in 2020-2021

January 21, 2021 | 10 Min Read

Note: Our findings in this blog stem from analysis of all Q4 2020 cyber threat activity by our in-house research...
Targets and Predictions for the COVID-19 Threat Landscape

January 14, 2021 | 7 Min Read

Note: This blog is part of our ongoing coverage of the virus’s impact on the cyber threat intelligence landscape. You...
Tracing the Rise and Fall of Dark Web Marketplaces and Cybercriminal Forums

January 13, 2021 | 9 Min Read

It’s often the case that a sequel to a great book or a remake of a once-popular TV series doesn’t...
ICYMI: SolarWinds Compromise Update

January 8, 2021 | 7 Min Read

Note: This blog is a follow-up of our previous SolarWinds blog by our in-house threat intelligence team. You can read...
Looking back at 2020: A Year in Review

January 6, 2021 | 8 Min Read

2020 is truly an extraordinary year (and some aspects worse than others). This year was also made up of some...