Data Loss

Show
2.3 billion files exposed across online file storage technologies
May 30, 2019

2.3 billion is a massive number. It’s hard even to wrap your head around; what do I have 2.3 billion …

read more

Breach! An Analysis of the Modern Digital Breach, with Cyber Defense Lab’s CEO, Bob Anderson

August 22, 2019

Just prior to the BlackHat & DEFCON, my colleague Rick Holland and I were fortunate to share some time in …

read more

Capital One Breach: What we know and what you can do

July 31, 2019

Monday blues. It’s a thing. It’s when you start the week feeling moody because your weekend is over. The feeling …

read more

Harnessing Exposed Data to Enhance Cyber Intelligence

July 11, 2019

Register for our upcoming webinar “Harnessing Exposed Data to Enhance Cyber Intelligence” with Harrison Van Riper and Michael Marriott to …

read more

Leaky SMB File Shares – So Many Bytes!

June 19, 2019

Everyone loves a sequel. If you’re an avid Marvel fan, you’re probably sitting on the edge of your seat waiting …

read more

Managing Digital Risk: 4 Steps to Take

June 18, 2019

Organizations are finding it increasingly difficult to know where their data is stored and shared in today’s technology-forward, connected world. …

read more

Enabling Soi Dog’s Digital Transformation: A Case Study

May 8, 2019

At the beginning of this year I was introduced to Spencer Hardy, the IT manager for an animal charity called …

read more

Detecting Exposed Company Data: The What, Why, and How

March 12, 2019

What is data loss detection? A fundamental responsibility for any IT security professional is to secure their information assets, be …

read more

Introducing Our Practical Guide to Reducing Digital Risk

February 12, 2019

Download a copy of A Practical Guide to Reducing Digital Risk   Digital Footprints and Digital Shadows Back when Al …

read more

SingHealth Breach Post-mortem: Key Findings

January 29, 2019

On 10 January 2019, Singaporean authorities finally released a report detailing how the attack against Singapore’s largest group of healthcare …

read more

81,000 Hacked Facebook Accounts for Sale: 5 Things to Know

November 2, 2018

This morning, the British Broadcasting Corporation (BBC) published an article detailing how online actors had obtained and advertised at least …

read more

Cyber Security Awareness Month: Week 1 – Credential Hygiene

October 3, 2018

It’s the opening week of the annual National Cyber Security Awareness Month (U.S.) and Cyber Security Month (Europe). While good …

read more

GAO’s Equifax Post-mortem Report

September 11, 2018

It’s common for the exciting and novel issues that confront security professionals on a daily basis to be hyped up. …

read more

Digital Shadows Contributes to Insider Threat Research

August 9, 2018

On July 30, Forrester published its latest research report on malicious insiders, Defend Your Data As Insiders Monetize Their Access. …

read more

Keys to the Kingdom: Exposed Security Assessments

April 24, 2018

Organizations employ external consultants and suppliers to perform assessments and penetration tests that help to bolster their overall internal security. …

read more

Out In The Open: Corporate Secrets Exposed Through Misconfigured Services

April 18, 2018

For organizations dealing with proprietary information or assets, one of the greatest concerns is the threat of competitors getting hold …

read more

When There’s No Need to Hack: Exposed Personal Information

April 17, 2018

With Equifax‘s breach of 145 million records still fresh in everyone’s memory and the recent Facebook data privacy controversy, protecting personal …

read more

Leveraging the 2018 Verizon Data Breach Investigations Report

April 10, 2018

Today, the 11th edition of the Verizon Data Breach Investigations Report (DBIR) has been released. This year’s report includes 53,308 …

read more

When Sharing Is Not Caring: Over 1.5 Billion Files Exposed Through Misconfigured Services

April 5, 2018

Our recent report “Too Much Information”, discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, …

read more

Ransomware in 2018: 4 Things to Look Out For

March 8, 2018

Ransomware remains an active threat for organizations into 2018. Last year, large scale attacks like NotPetya and WCry wreaked havoc, …

read more

Data Privacy Day: 8 Key Recommendations for GDPR Readiness

January 26, 2018

This Sunday is Data Privacy Day, “an international effort held annually on January 28th to create awareness about the importance …

read more

GDPR: Why You Need to Consider the Personal Data That Lies Outside of Your Organization

January 4, 2018

In 2010, reports emerged that the Information Commissioners’ Office (ICO) could now fine organizations up to £500,000 ($677,000) under the …

read more

GDPR – Not Just a European Concern

November 20, 2017

This post originally appeared on SecurityWeek. The recent Equifax breach that has been all over the news raises an interesting question: …

read more

2017 Equifax Breach: Impact and Lessons Learned

September 28, 2017

Equifax experienced a data breach that occurred in mid-May 2017, was first discovered on 29 Jul 2017, and was publicly …

read more

An Update on the Equifax Data Breach

September 13, 2017

The credit reporting agency Equifax reported on September 7th, that it had been breached. On Friday, we outlined what we knew …

read more

Equifax Breach: The Impact For Enterprises and Consumers

September 8, 2017

What we know about the Equifax breach On September 7th, credit reporting agency Equifax announced “a cybersecurity incident potentially impacting …

read more

Content Delivery Networks (CDNs) Can Leave You Exposed – How You Might be Affected and What You Can Do About It

September 6, 2017

Whether it was the Mirai botnet and Dyn or the “Cloudbleed” revelations, content delivery networks (CDNs) have been in the …

read more

Bitglass: Compromised Credentials are Just One Way Your Corporate Data is Being Exposed

August 18, 2017

A guest blog from Bitglass, read the original at https://www.bitglass.com/blog/datawatch-beware-of-careless-insiders  Every day, employees around the world use the cloud to perform …

read more

Authentication Nation: 5 Ways NIST is Changing How We Think About Passwords

May 9, 2017

Passwords have taken a beating over the past several years, and there seems to be little question among leading practitioners …

read more

Five Tips To Make Your Passwords Better

September 26, 2016

While security is everyone’s responsibility, it’s not always easy to get right. Our “Security Best Practices” blog series will provide …

read more

The Industrialized Uses of Breached Data

September 21, 2016

In our first blog, we outlined a number of specific factors that can be used to determine a dataset’s desirability, …

read more

Beauty and the Breach: Leaked Credentials in Context

September 21, 2016

Our analysts recently researched credential compromise, finding more than 5 million leaked credentials online for the world’s biggest 1,000 organizations. Of …

read more

New report: 97 percent of the top 1,000 companies suffer from credential compromise

September 20, 2016

Data breaches and credential compromise are not new. After all, 2014 was known as the “year of the data breach”. …

read more

Four Things We’ve Learned From the Alleged Equation Group Code Leak

August 22, 2016

The wake of the deeply bizarre auction of toolkits alleged to be from the Equation Group by the self-proclaimed “Shadow …

read more

Gambling with Security in Vegas: Not Your Best Bet

July 27, 2016

With BSides Las Vegas, Black Hat, and DEF CON around the corner, security is likely at the forefront of many …

read more

Thedarkoverlord – losing his patients?

July 26, 2016

In late June 2016, we observed a spate of attacks allegedly conducted by a vendor named “thedarkoverlord” on the dark …

read more

5 Key Lessons From The FDIC’s Breach Disclosure Debacle

July 18, 2016

Last week, the United States House Science, Space and Technology Committee released the scathing results of the committee’s investigations into …

read more

10 ways to prepare for credential leak incidents

June 30, 2016

From LinkedIn to MySpace, threat actors like Peace of Mind and Tessa88 have been selling credentials in various criminal dark …

read more

Data breaches targeting financial services: 2016 so far

May 26, 2016

It’s been a busy year for data breaches relating to financial services organizations – we’ve identified claims of breaches for 10 …

read more

Bozkurt Hackers continue to leak bank data

May 13, 2016

A threat actor calling itself “Bozkurt Hackers” posted links to data on Twitter allegedly obtained from a number of banks …

read more

Analyzing the 2016 Verizon Data Breach Investigations Report

May 2, 2016

Last week Verizon released the 2016 Data Breach Investigations Report. If you haven’t read it yet, I highly recommend that …

read more

The Hacking Team breach – an attacker’s point of view

April 22, 2016

On 17 April 2016, two posts were added to Pastebin (one in Spanish, the other in English) detailing the alleged …

read more

Emerging Markets: Online Extortion Matures via DDoS Attacks

November 9, 2015

Unlike scenes from books or movies where shadowy figures hold manila envelopes containing information or photographs pertaining to an unsuspecting …

read more

TalkTalk: Avoiding The Hype

October 28, 2015

There has been no shortage of media coverage on the recent TalkTalk cyber attack.  The full implications of the attack …

read more

The Adult Friend Finder Breach: A Recap

September 7, 2015

Last week, news quickly spread about a security breach that impacted the casual dating website Adult Friend Finder. Will Gragido. Head of Threat Intelligence for Digital Shadows in the USA, shares his findings.

read more

Saudi Arabia MOFA Breach

September 7, 2015

A look at the recent MOFA breach.

read more

What’s In a Name? The Mystery Surrounding the Identity of the Actors Responsible for the Saudi Arabia Breaches

September 7, 2015

Introduction Recently we wrote about the initial breach of the Ministry of Foreign Affairs of the Kingdom of Saudi Arabia …

read more