Cybersecurity Awareness Month: Week 1 – If you Connect It, Protect It

Cybersecurity Awareness Month: Week 1 – If you Connect It, Protect It
Stefano De Blasi
Read More From Stefano De Blasi
October 8, 2020 | 6 Min Read

This week marks the opening week of the annual National Cyber Security Awareness Month (NCSAM). While focusing on cybersecurity is a full-time need, this month enables practitioners to educate the general public around the importance of information security. Throughout October, Digital Shadows will be publishing a series of blogs (listed below), covering weekly themes that highlight how internet-connected devices have impacted our lives and how we can empower users to leverage their role in security by taking steps to reduce their risks.

“Do Your Part. #BeCyberSmart.”

Week 1: If You Connect It, Protect It

Week 2: Securing Devices at Home and Work

Week 3: Securing Internet-Connected Devices in Healthcare

Week 4: The Future of Connected Devices

In Week 1, NCSAM focuses on: “If you connect it, protect it.” While drafting this blog, and as our society has become more digitized, we have found that the line between our online and offline lives has become near indistinguishable. The network of connections we build creates both opportunities and challenges for individuals and organizations across the globe. 

Cybersecurity Awareness Month
(Source: National Cyber Security Alliance)

Discovering the Internet of Things

The Internet of Things (IoT) consists of billions of physical devices connected to the Internet that gather and share data. From smartphones to toothbrushes, from wearables to industrial sensors, these devices are all around us. Their number will only continue to grow exponentially in the coming years, partially thanks to the gradual deployment of 5G connectivity.

There is no doubt that many of these objects have made our lives easier. Smart assistants and household appliances have started to populate our homes; we use them to book doctor’s appointments, remind us of our meetings, or even alert us when we’re running out of coffee. Simultaneously, the Internet of Things has dramatically improved business development and decision-making, thanks to its ability to provide a significant amount of detailed data that describes the current environment.

That said, the broad deployment of IoT devices in our households, industries, and cities camouflages several security issues that need to be considered. Most cybersecurity vulnerabilities linked to the IoT can be remediated by non-technical users with necessary cyber hygiene precautions. Before delving into those measures, let’s briefly discuss the main risks related to IoT products.

The IoT Attack Surface is Far-Reaching.

While IoT devices have the potential of easing some of our daily tasks, they are also linked with an unprecedented increase in the quantity and quality of the data we share. Medical records, sensitive personal information, and workplace plans are increasingly at risk when collected and shared through unsecured devices connected to the Internet.

One of the main problems with IoT resides behind the likelihood that many manufacturers didn’t develop these devices with security as a priority. Often, product teams are pressured to quickly gain a decent share of this rapidly expanding market and inadvertently sacrifice security.

This issue has made many IoT devices a low-hanging fruit for criminals interested in stealing sensitive data and access exposed networks. Additionally, criminals can exploit vulnerable products, by leveraging their computing power, and orchestrate massive IoT botnet campaigns to disrupt traffic on targeted services to spread malware.

Before we discuss mitigation techniques, let’s explore first common IoT vulnerabilities:

  1. Default passwords. Manufacturers commonly sell IoT devices with default passwords as their primary, built-in security layer. This authentication tool is considered weak and doesn’t ensure a necessary level of security. Default passwords are often publicly available online and constitute an easy entry point for malicious actors.
  1. Unpatched and vulnerable. The pace at which manufacturers deploy IoT devices into the wild makes security updates and patches a challenge to manage. While top-tier products are updated continuously, and patches are rolled out, lower-quality ones risk reaching “end-of-life” (a state when older products are not updated anymore by their manufacturer) before their vulnerabilities are securely fixed. Consequently, the IoT landscape is populated with devices rigged with long-known vulnerabilities that risk giving attackers easy access to your network.
  1. Rogue devices. As IoT products became widespread in our lives, a new trend of connecting them to sensitive networks emerged. Linking vulnerable smart printers and personal fitness trackers to our home or workplace Wi-Fi puts the entire system’s security at risk; it provides criminals with an open door to gain a foothold in the network and move laterally to collect sensitive, proprietary, or personal data. Plus, if these devices are connected without informing the relevant technicians, the risk becomes even more severe.

If you connect it, protect it

Necessary security precautions can go a long way in reducing the risks posed by (and from) your IoT products. Having briefly introduced the main risks linked with the unsecured use of IoT devices, we will now discuss some easy-to-follow mitigation techniques applied by technical and non-technical users:

  1. Use complex passwords. Ground-breaking, I know, but as mentioned before, IoT items are often delivered to your door with a default password as the primary security layer. The first thing to do would be to follow password best practices and change the password to a unique and complex string. If you are like me and you have an awful memory, consider using a password manager to store them in a secure place.
  1. Update, update, update. IoT devices need to be updated in the same way that smartphones and laptops do. While our closest devices inform us when they need to be updated, IoT products often require users to take a step further and manually patch them. If you can enable the device to update itself automatically, I recommend that you do so. If the manufacturer has halted the security updates for a product that has reached end-of-life, the best advice would be to replace it with a new one (if possible).
  1. Don’t forget the apps. One of the IoT’s characterizing features is the massive amount of personal data gathered while using such devices. Smart home appliances, such as light bulbs and speakers, often require users to install an app on their smartphone or tablet. Therefore, it is essential to check whether these apps are legitimate and what security permissions they request. Downloading apps from trusted vendors and limiting the smartphone features they have access to could go a long way in mitigating the risks associated with IoT mobile apps. 
  1. Monitor (and segment) your network. Criminals may leverage unprotected IoT devices to access your network and extract private, sensitive, and confidential information. The simplest way to avoid this issue would be to keep your devices offline. If that’s not an option, consider segmenting your network and creating a parallel access point for your smart appliances. 

The cybersecurity issues related to IoT are more pressing than ever. They should be treated with extreme caution as these devices are involved in almost every aspect of our daily lives. The mitigation techniques proposed in this blog are far from constituting a silver bullet against these products’ vulnerabilities, but offer a useful starting point for users interested in monitoring and limiting their attack surface.

For more tips on securing your devices at home and work, keep an eye out for our next piece in our four-part National Cybersecurity Awareness Month blog series!

Access Our Threat Intel In Test Drive

Test Drive SearchLight Free for 7 Days
Try It Now

Connect with us

Related Posts

Cybersecurity Awareness Month: Week 4 – The Future of Connected Devices

Cybersecurity Awareness Month: Week 4 – The Future of Connected Devices

October 28, 2020 | 8 Min Read

This year’s Cybersecurity Awareness Month...
Foreign cyber threats to the 2020 US presidential election

Foreign cyber threats to the 2020 US presidential election

October 27, 2020 | 12 Min Read

In 2016, Russian nation-state-linked threat...
Marcus Carey Joins ShadowTalk

Marcus Carey Joins ShadowTalk

October 23, 2020 | 3 Min Read

We recently had mentor, author, founder, US...
Dark pathways into cybercrime: Minding the threat actor talent gap

Dark pathways into cybercrime: Minding the threat actor talent gap

October 21, 2020 | 11 Min Read

Digital Shadows recently published two blogs...
Cybersecurity Awareness Month: Week 3 – Securing Internet- Connected Devices in Healthcare

Cybersecurity Awareness Month: Week 3 – Securing Internet- Connected Devices in Healthcare

October 21, 2020 | 9 Min Read

The healthcare industry is increasingly...
Quarterly Update: Ransomware Trends in Q3

Quarterly Update: Ransomware Trends in Q3

October 19, 2020 | 8 Min Read

As we embark on the final months of 2020,...
Digital Shadows Analysis of Europol’s Cybercrime Report

Digital Shadows Analysis of Europol’s Cybercrime Report

October 14, 2020 | 12 Min Read

In early October 2020, Europol released...
Cybersecurity Awareness Month: Week 2 – Security Devices at Home and Work

Cybersecurity Awareness Month: Week 2 – Security Devices at Home and Work

October 14, 2020 | 7 Min Read

This week, National Cyber Security Awareness...
Clickbait to Checkmate: SMS-based scam targets US smartphones and accesses victim locations

Clickbait to Checkmate: SMS-based scam targets US smartphones and accesses victim locations

October 13, 2020 | 11 Min Read

Since the start of the COVID-19 pandemic,...
Help your development teams keep their keys safe

Help your development teams keep their keys safe

October 7, 2020 | 3 Min Read

Modern development practices are a blessing...
Let’s get ready to tumble! Bitcoin vs Monero

Let’s get ready to tumble! Bitcoin vs Monero

October 6, 2020 | 13 Min Read

Over the past ten years, cryptocurrencies...
Recent arrests and high-profile convictions: What does it mean for the cyber threat landscape?

Recent arrests and high-profile convictions: What does it mean for the cyber threat landscape?

September 30, 2020 | 13 Min Read

In the wonderful world of cyber threat...
Four Ways to Validate Credentials in SearchLight

Four Ways to Validate Credentials in SearchLight

September 29, 2020 | 3 Min Read

Amid the billions of credentials that are...
Cybercriminals Targeting SAP RECON

Cybercriminals Targeting SAP RECON

September 29, 2020 | 5 Min Read

Key takeaways From the discussions that...
Unpicking Cybercriminals’ Personalities – Part 2:  Morality and Forum Dynamics

Unpicking Cybercriminals’ Personalities – Part 2: Morality and Forum Dynamics

September 28, 2020 | 7 Min Read

In the first part of this blog series, we...
RECAP: Discussing deception  with Chris Sanders

RECAP: Discussing deception with Chris Sanders

September 24, 2020 | 3 Min Read

When I was a Forrester Research analyst, I...
Unpicking Cybercriminals’ Personalities – Part 1:  Gender and Nationality

Unpicking Cybercriminals’ Personalities – Part 1: Gender and Nationality

September 23, 2020 | 9 Min Read

It’s easy to fall into the trap of...
DarkSide: The new ransomware group behind highly targeted attacks

DarkSide: The new ransomware group behind highly targeted attacks

September 22, 2020 | 8 Min Read

We’ve recently observed the emergence of a...
ShadowTalk Update – Ed Merrett Joins To Talk HackableYou And The Latest In Threat Intel

ShadowTalk Update – Ed Merrett Joins To Talk HackableYou And The Latest In Threat Intel

September 21, 2020 | 2 Min Read

This week’s host Kacey is joined by...
With the Empire falling, who will take over the throne?

With the Empire falling, who will take over the throne?

September 16, 2020 | 10 Min Read

With the Empire falling, who will take over...
Access Keys Exposed: More Than 40% Are For Database Stores

Access Keys Exposed: More Than 40% Are For Database Stores

September 14, 2020 | 6 Min Read

By now, we’ve all heard news about AWS...
ShadowTalk Update – The Team Talks Baka, Epic Manchego, and Smaug, Plus Emotet Rides Again

ShadowTalk Update – The Team Talks Baka, Epic Manchego, and Smaug, Plus Emotet Rides Again

September 14, 2020 | 2 Min Read

This week’s host Kacey is joined by...
Recruitment fraud: Don’t spook your dream candidates this halloween

Recruitment fraud: Don’t spook your dream candidates this halloween

September 10, 2020 | 4 Min Read

Everyone wants their dream job. Some people...
Not another ransomware blog: Initial access brokers and their role

Not another ransomware blog: Initial access brokers and their role

September 9, 2020 | 5 Min Read

It’s hard to get very far in cyber threat...
Cyber espionage: How to not get spooked by nation-state actors

Cyber espionage: How to not get spooked by nation-state actors

September 8, 2020 | 8 Min Read

In all the years I’ve worked in the...
Revisiting Typosquatting and the 2020 US Presidential Election

Revisiting Typosquatting and the 2020 US Presidential Election

September 2, 2020 | 11 Min Read

In October 2019, Digital Shadows’ Photon...
What is DevSecOps and Why Do We Need It?

What is DevSecOps and Why Do We Need It?

August 12, 2020 | 4 Min Read

DevSecOps, SecDevOps, and any...
Dread takes on the spammers – who will come out on top?

Dread takes on the spammers – who will come out on top?

August 28, 2020 | 9 Min Read

Spamming is an irritating and sometimes...
Fall of the behemoth: Cybercriminal underground rocked by Empire’s apparent exit scam

Fall of the behemoth: Cybercriminal underground rocked by Empire’s apparent exit scam

August 27, 2020 | 10 Min Read

Summer is generally a relatively quiet time...
“ALEXA, WHO IS THE NUMBER ONE CYBERCRIMINAL FORUM TO RULE THEM ALL?”

“ALEXA, WHO IS THE NUMBER ONE CYBERCRIMINAL FORUM TO RULE THEM ALL?”

August 26, 2020 | 12 Min Read

In June 2020, the administrator of the...
RECAP: Discussing the evolution and trends of cybercrime with Geoff White

RECAP: Discussing the evolution and trends of cybercrime with Geoff White

August 25, 2020 | 8 Min Read

In late July 2020, Digital Shadows had the...
Validate Exposed Credentials with Okta to Save Even More Time

Validate Exposed Credentials with Okta to Save Even More Time

August 24, 2020 | 3 Min Read

SearchLight customers can now automatically...
Dark Web Forums – The new kid on the block

Dark Web Forums – The new kid on the block

August 18, 2020 | 12 Min Read

Introducing DWF There’s a new kid on...
Optiv CTIE 2020: COVID-19, cybercrime, and third-party risk

Optiv CTIE 2020: COVID-19, cybercrime, and third-party risk

August 17, 2020 | 10 Min Read

Optiv recently released their 2020 Cyber...
ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

ShadowTalk Update – Defaced Subreddits, Intel Leak Drama on Twitter, and HIBP Goes Open-Source

August 17, 2020 | 2 Min Read

Alex, Kacey, and Charles host this week’s...
It’s even easier to initiate takedowns in SearchLight

It’s even easier to initiate takedowns in SearchLight

August 12, 2020 | 3 Min Read

When faced with infringing content, phishing...
Escrow systems on cybercriminal forums: The Good, the Bad and the Ugly

Escrow systems on cybercriminal forums: The Good, the Bad and the Ugly

August 11, 2020 | 15 Min Read

Just a few short months ago, the...
Saving the SOC from overload by operationalizing digital risk protection

Saving the SOC from overload by operationalizing digital risk protection

August 5, 2020 | 4 Min Read

As you may have seen last week, the latest...
The story of Nulled: Old dog, new tricks

The story of Nulled: Old dog, new tricks

August 4, 2020 | 9 Min Read

It is often said that old dogs have a hard...
ShadowTalk Update – Garmin ransomware attack, QSnatch malware, and ShinyHunters Stage 2

ShadowTalk Update – Garmin ransomware attack, QSnatch malware, and ShinyHunters Stage 2

August 3, 2020 | 3 Min Read

This week it’s a full house with ShadowTalk...
Dark Web Travel Agencies Revisited: The Impact of Coronavirus on the Shadow Travel Industry

Dark Web Travel Agencies Revisited: The Impact of Coronavirus on the Shadow Travel Industry

July 29, 2020 | 10 Min Read

Back in February, Digital Shadows published...
Account takeover: Expanding on impact

Account takeover: Expanding on impact

July 27, 2020 | 7 Min Read

Digital Shadows has collected over 15 billion...
Ransomware Trends in Q2: How Threat Intelligence Helps

Ransomware Trends in Q2: How Threat Intelligence Helps

July 22, 2020 | 8 Min Read

If you’re anything like me, it can be a...
Jira Atlassian SearchLight   Integration

Jira Atlassian SearchLight   Integration

July 21, 2020 | 2 Min Read

On average, it’s estimated that security teams...
The Rise of OpenBullet: A Deep Dive in the Attacker’s ATO toolkit

The Rise of OpenBullet: A Deep Dive in the Attacker’s ATO toolkit

July 20, 2020 | 9 Min Read

Account takeover (ATO) has become a serious...
Abracadabra! – CryptBB demystifying the illusion of the private forum

Abracadabra! – CryptBB demystifying the illusion of the private forum

July 15, 2020 | 8 Min Read

You wouldn’t usually associate cybercriminal...
SearchLight’s Credential Validation: Only Focus on What Matters

SearchLight’s Credential Validation: Only Focus on What Matters

July 14, 2020 | 4 Min Read

Of the many use cases associated with threat...
Tax Fraud in 2020: Down But Not Out

Tax Fraud in 2020: Down But Not Out

July 13, 2020 | 4 Min Read

After a three month extension, tomorrow marks...
From Exposure to Takeover: Part 1. Beg, borrow, and steal your way in

From Exposure to Takeover: Part 1. Beg, borrow, and steal your way in

July 7, 2020 | 9 Min Read

Account Takeover: Why criminals can’t...
Digital Risk Reporting Best Practices: Top 10 Ways to Build Killer Reports in SearchLight

Digital Risk Reporting Best Practices: Top 10 Ways to Build Killer Reports in SearchLight

June 30, 2020 | 4 Min Read

We all have those days or that time of the...
Multiple vs. Exclusive Sales on the Dark Web: What’s in a sale?

Multiple vs. Exclusive Sales on the Dark Web: What’s in a sale?

June 29, 2020 | 9 Min Read

When going out on a shopping spree, you would...
Introducing Nulledflix – Nulled forum’s own streaming service

Introducing Nulledflix – Nulled forum’s own streaming service

June 23, 2020 | 8 Min Read

Lockdowns implemented during the COVID-19...
Torigon Forum: A sad case of all show and no go

Torigon Forum: A sad case of all show and no go

June 23, 2020 | 11 Min Read

When we review the ideal template for a...
Ensuring order in the underground: Recruiting moderators on cybercriminal forums

Ensuring order in the underground: Recruiting moderators on cybercriminal forums

June 18, 2020 | 10 Min Read

While there have been many predictable...
Security Threat Intel Products and Services: Mapping SearchLight

Security Threat Intel Products and Services: Mapping SearchLight

June 10, 2020 | 6 Min Read

For those of you who have not yet seen, Gartner...
CISA and FBI alert: Top vulnerabilities exploited from 2016-2019 and trends from 2020

CISA and FBI alert: Top vulnerabilities exploited from 2016-2019 and trends from 2020

June 9, 2020 | 7 Min Read

A couple of weeks ago, the United States...
New DDoS protection tool advertised on the dark web

New DDoS protection tool advertised on the dark web

June 9, 2020 | 7 Min Read

This blog examines a newly launched DDoS...
3 Phishing Trends Organizations Should Watch Out For

3 Phishing Trends Organizations Should Watch Out For

May 20, 2020 | 16 Min Read

It’s only May, and is it just me, or has this...
The 2020 Verizon Data Breach Investigations Report: One CISO’s View

The 2020 Verizon Data Breach Investigations Report: One CISO’s View

May 19, 2020 | 6 Min Read

Sadly, Marvel’s Black Widow release date was...
A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

May 14, 2020 | 10 Min Read

Q1 2020 was packed full of significant...
BitBazaar Market: Deception and Manipulation on the Dark Web

BitBazaar Market: Deception and Manipulation on the Dark Web

May 12, 2020 | 8 Min Read

It's a BitBazaar that they thought they...
Contact Tracing: Can ‘Big Tech’ Come to the Rescue, and at What Cost?

Contact Tracing: Can ‘Big Tech’ Come to the Rescue, and at What Cost?

May 11, 2020 | 13 Min Read

Co-authored by: Pratik Sinha MD PhD1,2, Alastair...
Threat Intelligence Feeds: Why Context is Key

Threat Intelligence Feeds: Why Context is Key

May 7, 2020 | 10 Min Read

Key Takeaways: Choosing which threat...
Competitions on English-language cybercriminal forums: A stagnant competition model?

Competitions on English-language cybercriminal forums: A stagnant competition model?

May 5, 2020 | 9 Min Read

Russian-language cybercriminal forums aren’t...
ShadowTalk Update – Microsoft Teams ATO Vulnerability, APT32, & Uptick In Ransomware

ShadowTalk Update – Microsoft Teams ATO Vulnerability, APT32, & Uptick In Ransomware

May 1, 2020 | 3 Min Read

Jamie, Adam, and Demelza join Viktoria for this...
Charitable Endeavors on Cybercriminal Forums

Charitable Endeavors on Cybercriminal Forums

April 28, 2020 | 12 Min Read

One heart-warming aspect of modern society is...
Nulled: The modern cybercriminal forum to go mobile….?

Nulled: The modern cybercriminal forum to go mobile….?

April 22, 2020 | 9 Min Read

What’s more threatening than the thought of a...
What ‘The Wire’ can teach us about cybersecurity

What ‘The Wire’ can teach us about cybersecurity

April 21, 2020 | 12 Min Read

In the current era of self-isolation, remote...
ShadowTalk Update – SFO Airport Hack, Fin6, And Sodinokibi Switching From Bitcoin To Monero

ShadowTalk Update – SFO Airport Hack, Fin6, And Sodinokibi Switching From Bitcoin To Monero

April 20, 2020 | 2 Min Read

This week we have new ShadowTalk guest joining us...
Zoom Security and Privacy Issues: Week in Review

Zoom Security and Privacy Issues: Week in Review

April 17, 2020 | 10 Min Read

In the last month, you’ve likely been hearing...
Top Priorities for 3rd party risk assessments

Top Priorities for 3rd party risk assessments

April 16, 2020 | 6 Min Read

If you’re like me, you’re probably tired of...
ShadowTalk Update – COVID-19 Third Party App Risks, Zoom, and DarkHotel Hackers

ShadowTalk Update – COVID-19 Third Party App Risks, Zoom, and DarkHotel Hackers

April 13, 2020 | 3 Min Read

Coming to you from Dallas this week - we have...
COVID-19: Risks of Third-Party Apps

COVID-19: Risks of Third-Party Apps

April 7, 2020 | 7 Min Read

As the global community continues to pursue...
Recon: Dark web reconnaissance made to look easy

Recon: Dark web reconnaissance made to look easy

April 3, 2020 | 4 Min Read

Just as the rest of us enjoy the ease of...
Coronavirus as a double-edged sword for cybercriminals: Desperation or opportunity?

Coronavirus as a double-edged sword for cybercriminals: Desperation or opportunity?

April 2, 2020 | 9 Min Read

The ongoing COVID-19 (aka coronavirus) pandemic...
The Digital Risk Underdog: Remediation

The Digital Risk Underdog: Remediation

April 1, 2020 | 4 Min Read

When it comes to evaluating threat intelligence...
COVID-19: Third-party risks to businesses

COVID-19: Third-party risks to businesses

March 31, 2020 | 5 Min Read

As social distancing becomes more prevalent...
ShadowTalk Update – Remote Worker Threat Model And Cybercrime Updates

ShadowTalk Update – Remote Worker Threat Model And Cybercrime Updates

March 30, 2020 | 2 Min Read

This week the team looks at some...
COVID-19: Companies and Verticals At Risk For Cyber Attacks

COVID-19: Companies and Verticals At Risk For Cyber Attacks

March 26, 2020 | 8 Min Read

  In our recent blog, How cybercriminals...
Threat Model of a Remote Worker

Threat Model of a Remote Worker

March 25, 2020 | 7 Min Read

Threat models are an often discussed but...
COVID-19: Dark Web Reactions

COVID-19: Dark Web Reactions

March 19, 2020 | 5 Min Read

  Digital Shadows has been researching...
Apollon Dark Web Marketplace: Exit Scams and DDoS Campaigns

Apollon Dark Web Marketplace: Exit Scams and DDoS Campaigns

March 17, 2020 | 8 Min Read

  Imagine logging on to your favorite...
How One Cybercriminal Forum is Helping to Address Suicide Awareness

How One Cybercriminal Forum is Helping to Address Suicide Awareness

March 10, 2020 | 4 Min Read

  The world can be a stressful place...
Dark Web Search Engine Kilos: Tipping the Scales in Favor of Cybercrime

Dark Web Search Engine Kilos: Tipping the Scales in Favor of Cybercrime

March 5, 2020 | 7 Min Read

With the recent indictment of Larry Harmon,...
FBI IC3 2019: Cybercrime results in over $3.5 billion in reported losses

FBI IC3 2019: Cybercrime results in over $3.5 billion in reported losses

March 3, 2020 | 8 Min Read

  On February 11th, we were treated to an...
ShadowTalk Update – Data Breaches, Stalkerware, and Dopplepaymer ransomware

ShadowTalk Update – Data Breaches, Stalkerware, and Dopplepaymer ransomware

March 2, 2020 | 2 Min Read

Coming to you from Dallas this week -...
Mapping MITRE ATT&CK to the Equifax Indictment

Mapping MITRE ATT&CK to the Equifax Indictment

February 24, 2020 | 6 Min Read

  On Monday, February 10th, the United...
The Ecosystem of Phishing: From Minnows to Marlins

The Ecosystem of Phishing: From Minnows to Marlins

February 20, 2020 | 31 Min Read

YOU JUST WON $1,000. CLICK HERE TO CLAIM YOUR...
The evolving story of the Citrix ADC Vulnerability: Ears to the Ground

The evolving story of the Citrix ADC Vulnerability: Ears to the Ground

February 18, 2020 | 4 Min Read

  The dust hasn’t quite settled on the...
Cybercriminal Forums on Valentine’s Day – A nice night to “Netflix and steal”…

Cybercriminal Forums on Valentine’s Day – A nice night to “Netflix and steal”…

February 17, 2020 | 6 Min Read

  It's the night before Valentine's Day,...
ShadowTalk Update – OurMine Hacks, Equifax Indictment, and SWIFT POC attack

ShadowTalk Update – OurMine Hacks, Equifax Indictment, and SWIFT POC attack

February 17, 2020 | 2 Min Read

Roses are red, violets are blue, here’s...
The Devil, the Details, and the Analysis of Competing Hypothesis

The Devil, the Details, and the Analysis of Competing Hypothesis

February 13, 2020 | 5 Min Read

  Digital Shadows’ Photon Research Team...
ShadowTalk Update – CTI Frameworks, Wawa Breach Updates, APT34, and Coronavirus Phishing Scams

ShadowTalk Update – CTI Frameworks, Wawa Breach Updates, APT34, and Coronavirus Phishing Scams

February 10, 2020 | 3 Min Read

In this week’s episode, Jamie starts by...
The Iowa Caucus: Third-Party Apps Can Be Risky Business

The Iowa Caucus: Third-Party Apps Can Be Risky Business

February 6, 2020 | 7 Min Read

  If you’ve seen HBO’s Silicon...
Red Team Blues: A 10 step security program for Windows Active Directory environments

Red Team Blues: A 10 step security program for Windows Active Directory environments

February 6, 2020 | 9 Min Read

  A fun tweet crossed our path recently,...
How to Operationalize Threat Intelligence: Actionability and Context

How to Operationalize Threat Intelligence: Actionability and Context

February 5, 2020 | 5 Min Read

  In 1988 the idea of a Computer...
Dark web travel agencies: Take a trip on the dark side

Dark web travel agencies: Take a trip on the dark side

February 4, 2020 | 11 Min Read

For at least the last two years, an ecosystem of...
ShadowTalk Update – SANS CTI Summit, Snake Ransomware, CacheOut, and Citrix Vuln Update

ShadowTalk Update – SANS CTI Summit, Snake Ransomware, CacheOut, and Citrix Vuln Update

February 3, 2020 | 3 Min Read

Rick Holland jumps in to kick-off this...
Cyber Threat Intelligence Frameworks: 5 Rules for Integrating These Frameworks

Cyber Threat Intelligence Frameworks: 5 Rules for Integrating These Frameworks

January 29, 2020 | 7 Min Read

  As the cyber threat intelligence (CTI)...
SANS Cyber Threat Intelligence Summit 2020: A Recap

SANS Cyber Threat Intelligence Summit 2020: A Recap

January 28, 2020 | 9 Min Read

  Last week I attended the eighth annual...
How the Cybercriminal Underground Mirrors the Real World

How the Cybercriminal Underground Mirrors the Real World

January 21, 2020 | 7 Min Read

Mirror, Mirror, on the wall. Who’s the best...
ShadowTalk Update – NSA Vulnerability Disclosure, Ransomware News, and Iran Updates

ShadowTalk Update – NSA Vulnerability Disclosure, Ransomware News, and Iran Updates

January 20, 2020 | 3 Min Read

Kacey, Charles, Alex, and Harrison host...
Third Party Risk: 4 ways to manage your security ecosystem

Third Party Risk: 4 ways to manage your security ecosystem

January 16, 2020 | 5 Min Read

  The digital economy has multiplied the...
NSA Vulnerability Disclosure: Pros and Cons

NSA Vulnerability Disclosure: Pros and Cons

January 15, 2020 | 5 Min Read

  On Monday, January 13th, Brian Krebs...
CVE-2019-19781: Analyzing the Exploit

CVE-2019-19781: Analyzing the Exploit

January 14, 2020 | 4 Min Read

  On December 17th 2019, CVE-2019-19781...
Cryptonite: Ransomware’s answer to Superman…

Cryptonite: Ransomware’s answer to Superman…

January 14, 2020 | 4 Min Read

  Update: It appears that the Cryptonite...
Iran and the United States – start of the long war or return to normal?

Iran and the United States – start of the long war or return to normal?

January 13, 2020 | 9 Min Read

  On 03 Jan 2020, the United States...
Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

January 7, 2020 | 6 Min Read

  With the recent news of Qasem Soleimani...
Iran and Soleimani: Monitoring the Situation

Iran and Soleimani: Monitoring the Situation

January 7, 2020 | 9 Min Read

*This blog has been updated as of Jan 9,...
Iranian Cyber Threats: Practical Advice for Security Professionals

Iranian Cyber Threats: Practical Advice for Security Professionals

January 6, 2020 | 8 Min Read

Unless you went very dark for an extended holiday...
The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

December 18, 2019 | 9 Min Read

In the world of “what could have been,” the...
2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

December 18, 2019 | 10 Min Read

  If all the holiday fuss isn’t...
Forums are Forever – Part 3: From Runet with Love

Forums are Forever – Part 3: From Runet with Love

December 17, 2019 | 24 Min Read

  The rise of alternative technologies...
Threat Intelligence: A Deep Dive

Threat Intelligence: A Deep Dive

December 12, 2019 | 21 Min Read

Welcome to our deep dive on threat intelligence:...
Forums are Forever – Part 2: Shaken, but not Stirred

Forums are Forever – Part 2: Shaken, but not Stirred

December 10, 2019 | 5 Min Read

  Cybercriminal forums continue to thrive...
A Threat Intelligence Analyst’s Guide to Today’s Sources of Bias

A Threat Intelligence Analyst’s Guide to Today’s Sources of Bias

December 5, 2019 | 9 Min Read

  In an industry prone to going overboard...
Forums are Forever – Part 1: Cybercrime Never Dies

Forums are Forever – Part 1: Cybercrime Never Dies

December 4, 2019 | 10 Min Read

If one could predict the future back in the late...
ShadowTalk Update – RIPlace, Trickbot, and Russian-language forum Probiv

ShadowTalk Update – RIPlace, Trickbot, and Russian-language forum Probiv

December 2, 2019 | 3 Min Read

No ShadowTalk podcast episode this week, but...
Probiv: The missing pieces to a cybercriminal’s puzzle

Probiv: The missing pieces to a cybercriminal’s puzzle

November 26, 2019 | 10 Min Read

A husband wants to find out who owns the unknown...
ShadowTalk Update – Black Friday Deals on the Dark Web, Phineas Fisher Manifesto, and DarkMarket

ShadowTalk Update – Black Friday Deals on the Dark Web, Phineas Fisher Manifesto, and DarkMarket

November 25, 2019 | 3 Min Read

Adam Cook and Viktoria Austin talk through the...
Black Friday Deals on the Dark Web: A cybercriminal shopper’s paradise

Black Friday Deals on the Dark Web: A cybercriminal shopper’s paradise

November 21, 2019 | 10 Min Read

  Black Friday. You love it, you hate it,...
DarkMarket’s Feminist Flight Towards Equality and the Curious Case of Canaries

DarkMarket’s Feminist Flight Towards Equality and the Curious Case of Canaries

November 19, 2019 | 4 Min Read

  In late August, Dark Fail (a Tor onion...
BSidesDFW 2019: OSINT Workshop Recap

BSidesDFW 2019: OSINT Workshop Recap

November 18, 2019 | 5 Min Read

  A few Saturdays ago, we had the...
ShadowTalk Update – BSidesDFW Recap, Dynamic CVV Analysis, and the Facebook Camera Bug

ShadowTalk Update – BSidesDFW Recap, Dynamic CVV Analysis, and the Facebook Camera Bug

November 18, 2019 | 3 Min Read

Dallas is sound effects and all this week with...
VoIP security concerns: Here to stay, here to exploit

VoIP security concerns: Here to stay, here to exploit

November 14, 2019 | 4 Min Read

  VoIP, or Voice over Internet Protocol,...
Dynamic CVVs: 2FA 2Furious

Dynamic CVVs: 2FA 2Furious

November 12, 2019 | 5 Min Read

  The security community is quick to...
ShadowTalk Update – BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach

ShadowTalk Update – BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach

November 11, 2019 | 3 Min Read

This week the London team looks at the following...
ShadowTalk Update – Avast Breach Attempt, NordVPN Breach, and Wifi Security Risks

ShadowTalk Update – Avast Breach Attempt, NordVPN Breach, and Wifi Security Risks

November 4, 2019 | 4 Min Read

Adam Cook, Philip Doherty, and Viktoria Austin...
Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums

Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums

October 31, 2019 | 6 Min Read

  With the recent breach that targeted...
Cybercriminal credit card stores: Is Brian out of the club?

Cybercriminal credit card stores: Is Brian out of the club?

October 31, 2019 | 8 Min Read

  If you’re an avid follower of Digital...
Your Cyber Security Career – Press start to begin

Your Cyber Security Career – Press start to begin

October 30, 2019 | 13 Min Read

  October was Cyber Security Awareness...
Australia Cyber Threat Landscape report (H1 2019)

Australia Cyber Threat Landscape report (H1 2019)

October 29, 2019 | 5 Min Read

Depending on where you are in the world, October...
ShadowTalk Update – Avast Breach Attempt, NordVPN Breach, and Wifi Security Risks

ShadowTalk Update – Avast Breach Attempt, NordVPN Breach, and Wifi Security Risks

October 25, 2019 | 3 Min Read

We’ve got all 3 ShadowTalk hosts in Dallas this...
WiFi Security: Dispelling myths of using public networks

WiFi Security: Dispelling myths of using public networks

October 23, 2019 | 9 Min Read

We have all seen many articles, blogs, endless...
Japan Cyber Threat Landscape report (H1 2019)

Japan Cyber Threat Landscape report (H1 2019)

October 22, 2019 | 5 Min Read

Japan: currently the host of the multi-national...
ShadowTalk Update – Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability

ShadowTalk Update – Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability

October 18, 2019 | 3 Min Read

Kacey, Charles, Harrison, and Alex kick off this...
Honeypots: Tracking Attacks Against Misconfigured or Exposed Services

Honeypots: Tracking Attacks Against Misconfigured or Exposed Services

October 17, 2019 | 9 Min Read

Honeypots can be useful tools for gathering...
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground

Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground

October 16, 2019 | 15 Min Read

Typosquatting. It’s a phrase most of us know in...
Cybercriminal Forum Developments: Escrow Services

Cybercriminal Forum Developments: Escrow Services

October 15, 2019 | 5 Min Read

Financial transactions made on cybercriminal...
ShadowTalk Update – Iran-linked APT35, Skimming by Magecart 4, Rancour, and Emotet Resurgence

ShadowTalk Update – Iran-linked APT35, Skimming by Magecart 4, Rancour, and Emotet Resurgence

October 11, 2019 | 3 Min Read

We’re back in London this week! Viktoria chats...
ANU Breach Report: Mapping to Mitre ATT&CK Framework

ANU Breach Report: Mapping to Mitre ATT&CK Framework

October 11, 2019 | 14 Min Read

Introduction This week, the Australian National...
Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction

Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction

October 9, 2019 | 5 Min Read

In 1984, science fiction writer William Gibson...
Top Threat Intelligence Podcasts to Add to Your Playlist

Top Threat Intelligence Podcasts to Add to Your Playlist

October 3, 2019 | 4 Min Read

Looking for some new threat intelligence podcasts...
Domain Squatting: The Phisher-man’s Friend

Domain Squatting: The Phisher-man’s Friend

October 1, 2019 | 8 Min Read

In the past we have talked about the internal...
ShadowTalk Update – Tortoiseshell Targets IT Providers, the Tyurin Indictment, and Emotet’s Return

ShadowTalk Update – Tortoiseshell Targets IT Providers, the Tyurin Indictment, and Emotet’s Return

September 27, 2019 | 4 Min Read

Viktoria hosts this week’s episode in London...
Singapore Cyber Threat Landscape report (H1 2019)

Singapore Cyber Threat Landscape report (H1 2019)

September 26, 2019 | 7 Min Read

Despite being the second smallest country in...
Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework

Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework

September 25, 2019 | 7 Min Read

Between 2012 to mid-2015, U.S. financial...
Nemty Ransomware: Slow and Steady Wins the Race?

Nemty Ransomware: Slow and Steady Wins the Race?

September 19, 2019 | 3 Min Read

As we outlined recently, ransomware is a key...
NCSC Cyber Threat Trends Report: Analysis of Attacks Across UK Industries

NCSC Cyber Threat Trends Report: Analysis of Attacks Across UK Industries

September 18, 2019 | 7 Min Read

The United Kingdom’s National Cyber Security...
Your Data at Risk: FBI Cyber Division Shares Top Emerging Cyber Threats to Your Enterprise

Your Data at Risk: FBI Cyber Division Shares Top Emerging Cyber Threats to Your Enterprise

September 17, 2019 | 8 Min Read

Data breaches are not slowing down. Nobody...
Dark Web Monitoring: The Good, The Bad, and The Ugly

Dark Web Monitoring: The Good, The Bad, and The Ugly

September 11, 2019 | 20 Min Read

Dark Web Monitoring Overview Gaining access to...
Mapping the NIST Cybersecurity Framework to SearchLight: Eating our own BBQ

Mapping the NIST Cybersecurity Framework to SearchLight: Eating our own BBQ

September 10, 2019 | 2 Min Read

Back in February, I wrote about how we avoid the...
ShadowTalk Update – Ryuk Ransomware, Twitter rids SMS tweets, and Facebook Records Exposed

ShadowTalk Update – Ryuk Ransomware, Twitter rids SMS tweets, and Facebook Records Exposed

September 9, 2019 | 3 Min Read

Alex, Alec, and Harrison are in the room today...
Envoy on a Mission to Bring Stability to the Criminal Underground

Envoy on a Mission to Bring Stability to the Criminal Underground

September 4, 2019 | 3 Min Read

Recent Turbulence in the Underground From the...
Emotet Returns: How To Track Its Updates

Emotet Returns: How To Track Its Updates

August 26, 2019 | 5 Min Read

What is Emotet? Emotet started life as a banking...
ShadowTalk Update – Texas Ransomware Outbreaks and Phishing Attacks Using Custom 404 pages

ShadowTalk Update – Texas Ransomware Outbreaks and Phishing Attacks Using Custom 404 pages

August 23, 2019 | 3 Min Read

Charles Ragland (a brand new ShadowTalk-er!) and...
The Nouns of Black Hat: People, Places, and Things From Summer Camp 2019

The Nouns of Black Hat: People, Places, and Things From Summer Camp 2019

August 19, 2019 | 6 Min Read

Black Hat and DEFCON are a wrap! Digital Shadows...
Black Hat and DEFCON 2019 – Some of our Favorite Sessions

Black Hat and DEFCON 2019 – Some of our Favorite Sessions

August 19, 2019 | 9 Min Read

The team were fortunate to go to Black Hat and...
Fresh blow for dark web markets: Nightmare market in disarray

Fresh blow for dark web markets: Nightmare market in disarray

August 13, 2019 | 5 Min Read

Over the past three weeks, Digital Shadows has...
Recon Village: Panning for gold

Recon Village: Panning for gold

August 1, 2019 | 7 Min Read

Richard will be presenting ‘Asset Discovery:...
Capital One Breach: What we know and what you can do

Capital One Breach: What we know and what you can do

July 31, 2019 | 5 Min Read

Monday blues. It’s a thing. It’s when you...
The Account Takeover Kill Chain: A Five Step Analysis

The Account Takeover Kill Chain: A Five Step Analysis

July 30, 2019 | 17 Min Read

It’s no secret that credential exposure is a...
ShadowTalk Update – More BlueKeep updates, FSB contractor hacked, and the Enigma Market

ShadowTalk Update – More BlueKeep updates, FSB contractor hacked, and the Enigma Market

July 29, 2019 | 3 Min Read

Christian and Travis sit down with Harrison to...
A Growing Enigma: New AVC on the Block

A Growing Enigma: New AVC on the Block

July 19, 2019 | 3 Min Read

This week, in a ground breaking announcement, the...
Harnessing Exposed Data to Enhance Cyber Intelligence

Harnessing Exposed Data to Enhance Cyber Intelligence

July 11, 2019 | 7 Min Read

  An illicit and lucrative trade has...
Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor

Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor

June 27, 2019 | 8 Min Read

The announcements of Facebook’s new...
ShadowTalk Update – XMRig Cryptocurrency Mining, FIN8 Backdoor, and Attacks Against Office 365

ShadowTalk Update – XMRig Cryptocurrency Mining, FIN8 Backdoor, and Attacks Against Office 365

June 17, 2019 | 3 Min Read

This week Harrison is joined by Travis and Alec...
Managing Infosec Burnout: The Hidden Perpetrator

Managing Infosec Burnout: The Hidden Perpetrator

June 10, 2019 | 8 Min Read

The secret of the burnout epidemic lies in how we...
BlueKeep: Cutting through the hype to prepare your organization

BlueKeep: Cutting through the hype to prepare your organization

May 24, 2019 | 8 Min Read

Over the last week we have all been tuning into...
Mapping Iran’s Rana Institute to MITRE Pre-ATT&CK™ and ATT&CK™

Mapping Iran’s Rana Institute to MITRE Pre-ATT&CK™ and ATT&CK™

May 15, 2019 | 15 Min Read

The internet has been aflame with discussions...
Cyber Talent Gap: How to Do More With Less

Cyber Talent Gap: How to Do More With Less

May 14, 2019 | 5 Min Read

The challenge facing us today is twofold: not...
ShadowTalk Update – 5.06.19

ShadowTalk Update – 5.06.19

May 13, 2019 | 4 Min Read

Kacey and Alex join HVR this week to talk through...
ShadowTalk Update – 5.06.19

ShadowTalk Update – 5.06.19

May 6, 2019 | 3 Min Read

Phil and newcomer Benjamin Newman join Harrison...
ShadowTalk Update – 4.29.19

ShadowTalk Update – 4.29.19

April 29, 2019 | 3 Min Read

Jamie and Alex are back with Harrison this week...
FBI IC3: Cybercrime Surges in 2018, Causing $2.7 Billion in Losses

FBI IC3: Cybercrime Surges in 2018, Causing $2.7 Billion in Losses

April 23, 2019 | 4 Min Read

This week, the Federal Bureau of Investigation...
ShadowTalk Update – 4.22.19

ShadowTalk Update – 4.22.19

April 22, 2019 | 3 Min Read

This week the team discusses an unidentified...
ShadowTalk Update – 4.15.19

ShadowTalk Update – 4.15.19

April 15, 2019 | 4 Min Read

Christian and Jamie join Harrison for another...
Reducing your attack surface

Reducing your attack surface

April 9, 2019 | 4 Min Read

What is an attack surface According to OWASP, an...
ShadowTalk Update – 4.8.19

ShadowTalk Update – 4.8.19

April 8, 2019 | 3 Min Read

Jamie, Alex and Zuko sit down with Harrison to...
Easing into the extortion game

Easing into the extortion game

April 3, 2019 | 4 Min Read

One of the main ideas which flowed through...
Predator: Modeling the attacker’s mindset

Predator: Modeling the attacker’s mindset

April 2, 2019 | 6 Min Read

Author: Richard Gold  The phrases...
ShadowTalk Update – 4.1.19

ShadowTalk Update – 4.1.19

March 29, 2019 | 3 Min Read

Christian and Jamie sit down with Harrison to...
Cyber Risks and High-frequency Trading: Conversation with an Insider

Cyber Risks and High-frequency Trading: Conversation with an Insider

March 26, 2019 | 4 Min Read

Research from the Carnegie Endowment for...
ShadowTalk Update – 3.25.19

ShadowTalk Update – 3.25.19

March 25, 2019 | 4 Min Read

Harrison chats with Jamie and Alex this week on...
Dark Web Typosquatting: Scammers v. Tor

Dark Web Typosquatting: Scammers v. Tor

March 21, 2019 | 7 Min Read

Time and time again, we see how the cybercriminal...
ShadowTalk Update – 3.18.19

ShadowTalk Update – 3.18.19

March 18, 2019 | 3 Min Read

Harrison sits down with Rose and Christian for a...
ShadowTalk Update – 3.11.19

ShadowTalk Update – 3.11.19

March 11, 2019 | 3 Min Read

This week Jamie and Alex join Harrison to look at...
Purple Teaming with Vectr, Cobalt Strike, and MITRE ATT&CK™

Purple Teaming with Vectr, Cobalt Strike, and MITRE ATT&CK™

March 6, 2019 | 7 Min Read

Authors: Simon Hall, Isidoros...
ShadowTalk Update – 3.04.19

ShadowTalk Update – 3.04.19

March 4, 2019 | 4 Min Read

This week Rose and Phil join Harrison to discuss...
SamSam But Different: MITRE ATT&CK and the SamSam Group Indictment

SamSam But Different: MITRE ATT&CK and the SamSam Group Indictment

February 26, 2019 | 16 Min Read

In our latest research report, A Tale of Epic...
ShadowTalk Update – 2.25.19

ShadowTalk Update – 2.25.19

February 25, 2019 | 4 Min Read

This week, Phil and Alex join Harrison to discuss...
Extortion Exposed: Sextortion, thedarkoverlord, and SamSam

Extortion Exposed: Sextortion, thedarkoverlord, and SamSam

February 21, 2019 | 3 Min Read

In our most recent research, A Tale of Epic...
ShadowTalk Update – 2.18.19

ShadowTalk Update – 2.18.19

February 19, 2019 | 3 Min Read

Alex and Jamie matched with Harrison in this...
Photon Research Team Shines Light On Digital Risks

Photon Research Team Shines Light On Digital Risks

February 13, 2019 | 2 Min Read

I’m very excited to announce the launch of the...
Introducing Our Practical Guide to Reducing Digital Risk

Introducing Our Practical Guide to Reducing Digital Risk

February 12, 2019 | 5 Min Read

Download a copy of A Practical Guide to Reducing...
ShadowTalk Update – 2.11.19

ShadowTalk Update – 2.11.19

February 8, 2019 | 3 Min Read

Alex and Jamie join Harrison to discuss how the...
Understanding Digital Risk Protection

Understanding Digital Risk Protection

February 8, 2019 | 3 Min Read

There has been a lot of talk recently about...
SANS DFIR Cyber Threat Intelligence Summit 2019 – Extracting More Value from Your CTI Program

SANS DFIR Cyber Threat Intelligence Summit 2019 – Extracting More Value from Your CTI Program

February 5, 2019 | 7 Min Read

We were fortunate to attend the 2019 SANS DFIR...
ShadowTalk Update – 2.4.19

ShadowTalk Update – 2.4.19

February 4, 2019 | 4 Min Read

This week, Alex Guirakhoo and Jamie Collier join...
ShadowTalk Update – 1.28.19

ShadowTalk Update – 1.28.19

January 26, 2019 | 3 Min Read

This week Rose, Jamie, and Alex talk with...
Security Practitioner’s Guide to Email Spoofing and Risk Reduction

Security Practitioner’s Guide to Email Spoofing and Risk Reduction

January 24, 2019 | 13 Min Read

In our previous extended blog, Tackling Phishing:...
Powering Investigations with Nuix Software: The Case of thedarkoverlord and the 9/11 Files

Powering Investigations with Nuix Software: The Case of thedarkoverlord and the 9/11 Files

January 22, 2019 | 6 Min Read

The Panama Papers in 2016 highlighted the...
ShadowTalk Update – 1.21.19

ShadowTalk Update – 1.21.19

January 19, 2019 | 3 Min Read

This week, Alex Guirakhoo and Philip Doherty join...
Don’t Just Read Intelligence: Learn From It

Don’t Just Read Intelligence: Learn From It

January 17, 2019 | 5 Min Read

The Importance of Learning in Cyber...
Thedarkoverlord runs out of Steem

Thedarkoverlord runs out of Steem

January 16, 2019 | 6 Min Read

On 31 December 2018, the notorious extortion...
ShadowTalk Update – 1.14.19

ShadowTalk Update – 1.14.19

January 14, 2019 | 3 Min Read

We’ve just released our first Weekly...
Security Analyst Spotlight Series: Phil Doherty

Security Analyst Spotlight Series: Phil Doherty

January 10, 2019 | 5 Min Read

Organizations rely on Digital Shadows to be an...
TV License and Vehicle Tax Fraud: New Year, Same Old Scams

TV License and Vehicle Tax Fraud: New Year, Same Old Scams

January 8, 2019 | 4 Min Read

Over the last week we’ve been tracking several...
Cyber Threats to Watch in 2019: Key Takeaways from our webinar with the FBI Cyber Squad

Cyber Threats to Watch in 2019: Key Takeaways from our webinar with the FBI Cyber Squad

December 20, 2018 | 5 Min Read

As 2018 comes to a close, Digital Shadows...
The Most Popular Security Blog Topics of 2018

The Most Popular Security Blog Topics of 2018

December 18, 2018 | 3 Min Read

It’s been a busy year on the Digital Shadows...
ShadowTalk Update – 17.10.2018

ShadowTalk Update – 17.10.2018

December 17, 2018 | 3 Min Read

Following from our recent research, Tackling...
Bomb Threat Emails: Extortion Gets Physical

Bomb Threat Emails: Extortion Gets Physical

December 14, 2018 | 4 Min Read

We’ve seen yet another change in tactics for...
Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It

Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It

December 12, 2018 | 8 Min Read

Overall, the infosec community has done a...
ShadowTalk Update – 12.10.2018

ShadowTalk Update – 12.10.2018

December 10, 2018 | 3 Min Read

In this week's ShadowTalk, Rick Holland and...
2019 Cyber Security Forecasts: Six Things on the Horizon

2019 Cyber Security Forecasts: Six Things on the Horizon

December 5, 2018 | 9 Min Read

The new year is upon us! 2018 brought us Spectre...
ShadowTalk Update – 12.03.2018

ShadowTalk Update – 12.03.2018

December 3, 2018 | 3 Min Read

Michael Marriott, Dr Richard Gold and Simon Hall...
Threat Actors Use of Cobalt Strike: Why Defense is Offense’s Child

Threat Actors Use of Cobalt Strike: Why Defense is Offense’s Child

November 29, 2018 | 5 Min Read

I’m a big fan of the Cobalt Strike threat...
Mapping the ASD Essential 8 to the Mitre ATT&CK™ framework

Mapping the ASD Essential 8 to the Mitre ATT&CK™ framework

November 27, 2018 | 3 Min Read

Australian Signals Directorate Essential 8 The...
ShadowTalk Update – 11.26.2018

ShadowTalk Update – 11.26.2018

November 26, 2018 | 3 Min Read

With Black Friday kicking off the holiday...
Black Friday and Cybercrime: Retail’s Frankenstein Monster

Black Friday and Cybercrime: Retail’s Frankenstein Monster

November 20, 2018 | 5 Min Read

With every year that passes, Black Friday seems...
Sextortion 2.0: A New Lure

Sextortion 2.0: A New Lure

November 20, 2018 | 4 Min Read

Back in September we released a blog about the...
ShadowTalk Update – 11.19.2018

ShadowTalk Update – 11.19.2018

November 19, 2018 | 2 Min Read

Leaked court documents surfaced this week...
A Look Back at the ENISA Cyber Threat Intelligence-EU Workshop 2018

A Look Back at the ENISA Cyber Threat Intelligence-EU Workshop 2018

November 13, 2018 | 5 Min Read

I recently attended the ENISA (European Union...
ShadowTalk Update – 11.12.2018

ShadowTalk Update – 11.12.2018

November 12, 2018 | 2 Min Read

In this week's ShadowTalk, we discuss the big...
To Pay or Not to Pay: A Large Retailer Responds to DDoS Extortion

To Pay or Not to Pay: A Large Retailer Responds to DDoS Extortion

November 8, 2018 | 3 Min Read

Fans of The Sopranos or Goodfellas are...
Security Analyst Spotlight Series: Adam Cook

Security Analyst Spotlight Series: Adam Cook

November 7, 2018 | 6 Min Read

Organizations rely on our cyber intelligence...
ShadowTalk Update – 11.05.2018

ShadowTalk Update – 11.05.2018

November 5, 2018 | 3 Min Read

In November 2016, Tesco Bank suffered a series of...
81,000 Hacked Facebook Accounts for Sale: 5 Things to Know

81,000 Hacked Facebook Accounts for Sale: 5 Things to Know

November 2, 2018 | 5 Min Read

This morning, the British Broadcasting...
The Dark Web: Marketers’ Trick or Threat Intelligence Treat?

The Dark Web: Marketers’ Trick or Threat Intelligence Treat?

October 31, 2018 | 5 Min Read

At this time of the year, you can’t go anywhere...
ShadowTalk Update – 10.29.2018

ShadowTalk Update – 10.29.2018

October 29, 2018 | 3 Min Read

In this week's ShadowTalk, Harrison Van Riper and...
Cyber Security Awareness Month: Week 4 – Privacy

Cyber Security Awareness Month: Week 4 – Privacy

October 25, 2018 | 6 Min Read

This week in Brussels, Apple’s chief executive...
Bank Discovers Customer Credit Card Numbers Traded Online

Bank Discovers Customer Credit Card Numbers Traded Online

October 23, 2018 | 3 Min Read

Payment card fraud costs banks and merchants...
ShadowTalk Update – 10.22.2018

ShadowTalk Update – 10.22.2018

October 22, 2018 | 3 Min Read

In this week's ShadowTalk, following on from last...
12.5 Million Email Archives Exposed: Lowering the Barriers for BEC

12.5 Million Email Archives Exposed: Lowering the Barriers for BEC

October 18, 2018 | 4 Min Read

Digital Shadows’ latest research report, Pst!...
ShadowTalk Update – 10.15.2018

ShadowTalk Update – 10.15.2018

October 15, 2018 | 3 Min Read

In ShadowTalk this week, Digital Shadows' CISO...
33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy

33,000 Accounting Inbox Credentials Exposed Online: BEC Made Easy

October 9, 2018 | 4 Min Read

Last week, I wrote about how cybercriminals are...
ShadowTalk Update – 10.08.2018

ShadowTalk Update – 10.08.2018

October 8, 2018 | 3 Min Read

In this week’s Shadow Talk, Rafael Amado joins...
Business Email Compromise: When You Don’t Need to Phish

Business Email Compromise: When You Don’t Need to Phish

October 4, 2018 | 4 Min Read

According to the FBI, Business Email Compromise...
Security Analyst Spotlight Series: Christian Rencken

Security Analyst Spotlight Series: Christian Rencken

October 2, 2018 | 5 Min Read

Organizations rely on our cyber intelligence...
ShadowTalk Update – 10.01.2018

ShadowTalk Update – 10.01.2018

October 1, 2018 | 3 Min Read

Rick Holland, CISO of Digital Shadows, joins...
Cybercriminal Marketplaces: Olympus Has Fallen

Cybercriminal Marketplaces: Olympus Has Fallen

September 28, 2018 | 5 Min Read

The Olympus cybercriminal marketplace has been...
Thedarkoverlord Out to KickAss and Cash Out Their Data

Thedarkoverlord Out to KickAss and Cash Out Their Data

September 27, 2018 | 5 Min Read

A user claiming to be the notorious darkoverlord...
ShadowTalk Update – 09.24.2018

ShadowTalk Update – 09.24.2018

September 24, 2018 | 3 Min Read

In ShadowTalk this week, Richard Gold, Simon Hall...
The 2017 FSB indictment and Mitre ATT&CK™

The 2017 FSB indictment and Mitre ATT&CK™

September 20, 2018 | 11 Min Read

On  February 28th, 2017 the US Department of...
Non-traditional State Actors: New Kids on the Block

Non-traditional State Actors: New Kids on the Block

September 18, 2018 | 5 Min Read

Cyber threat reporting sits at a dichotomy. On...
ShadowTalk Update – 09.17.2018

ShadowTalk Update – 09.17.2018

September 17, 2018 | 2 Min Read

In this week’s ShadowTalk, Richard Gold and...
Airline Discovers Trove of Frequent Flyer Accounts Compromised and Posted for Sale Online

Airline Discovers Trove of Frequent Flyer Accounts Compromised and Posted for Sale Online

September 14, 2018 | 3 Min Read

Reward program fraud has been rising in recent...
MITRE ATT&CK™ and the North Korean Regime-Backed Programmer

MITRE ATT&CK™ and the North Korean Regime-Backed Programmer

September 13, 2018 | 18 Min Read

On 6th September the US Department of Justice...
ShadowTalk Update – 09.10.2018

ShadowTalk Update – 09.10.2018

September 10, 2018 | 3 Min Read

In this week’s ShadowTalk, Richard Gold and...
Sextortion – When Persistent Phishing Pays Off

Sextortion – When Persistent Phishing Pays Off

September 6, 2018 | 4 Min Read

You may have heard of a recent surge in...
Online Risks to Fortnite Users

Online Risks to Fortnite Users

September 4, 2018 | 5 Min Read

With an enticing array of viral dance moves,...
ShadowTalk Update – 09.03.2018

ShadowTalk Update – 09.03.2018

September 3, 2018 | 3 Min Read

Not a week goes by without an example where...
Security Analyst Spotlight Series: Heather Farnsworth

Security Analyst Spotlight Series: Heather Farnsworth

August 30, 2018 | 5 Min Read

Organizations rely on Digital Shadows to be an...
Understanding Threat Modelling

Understanding Threat Modelling

August 29, 2018 | 4 Min Read

What is a threat model? Threat modelling, as...
ShadowTalk Update – 08.27.2018

ShadowTalk Update – 08.27.2018

August 27, 2018 | 3 Min Read

With November’s U.S. midterm elections...
Online Cybercrime Courses: Back to School Season

Online Cybercrime Courses: Back to School Season

August 23, 2018 | 4 Min Read

It’s that time of year again. Summer is drawing...
Mitre ATT&CK™ and the FIN7 Indictment: Lessons for Organizations

Mitre ATT&CK™ and the FIN7 Indictment: Lessons for Organizations

August 22, 2018 | 12 Min Read

On August 1, 2018, the US Department of Justice...
ShadowTalk Update – 08.20.2018

ShadowTalk Update – 08.20.2018

August 20, 2018 | 3 Min Read

In this week’s ShadowTalk, we dig into ATM...
Five Threats to Financial Services: Part Five, Hacktivism

Five Threats to Financial Services: Part Five, Hacktivism

August 15, 2018 | 5 Min Read

OK, so it’s not a sexy as insider threats,...
Five Threats to Financial Services: Part Four, Payment Card Fraud

Five Threats to Financial Services: Part Four, Payment Card Fraud

August 14, 2018 | 6 Min Read

Payment card information is the lifeblood of the...
ShadowTalk Update – 08.13.2018

ShadowTalk Update – 08.13.2018

August 13, 2018 | 3 Min Read

In this week’s ShadowTalk it's all things...
Digital Shadows Contributes to Insider Threat Research

Digital Shadows Contributes to Insider Threat Research

August 9, 2018 | 5 Min Read

On July 30, Forrester published its latest...
Five Threats to Financial Services: Phishing Campaigns

Five Threats to Financial Services: Phishing Campaigns

August 8, 2018 | 7 Min Read

In our last blog, we highlighted how banking...
ShadowTalk Update – 08.06.2018

ShadowTalk Update – 08.06.2018

August 6, 2018 | 2 Min Read

In this week’s episode, JP Perez-Etchegoyen,...
FIN7: Arrests and Developments

FIN7: Arrests and Developments

August 2, 2018 | 6 Min Read

Three alleged members of FIN7 arrested On August...
Security Spotlight Series: Dr. Richard Gold

Security Spotlight Series: Dr. Richard Gold

July 31, 2018 | 4 Min Read

Organizations rely on Digital Shadows to be an...
ShadowTalk Update – 07.30.2018

ShadowTalk Update – 07.30.2018

July 30, 2018 | 3 Min Read

Richard Gold and Rose Bernard join Michael...
Cyber Threats to ERP Applications: Threat Landscape

Cyber Threats to ERP Applications: Threat Landscape

July 24, 2018 | 4 Min Read

What are ERP Applications? Organizations rely on...
ShadowTalk Update – 07.23.2018

ShadowTalk Update – 07.23.2018

July 23, 2018 | 3 Min Read

In this week's ShadowTalk, we discuss the Robert...
Five Threats to Financial Services: Banking Trojans

Five Threats to Financial Services: Banking Trojans

July 19, 2018 | 5 Min Read

A couple of weeks ago, we learned about a new...
Mitre ATT&CK™ and the Mueller GRU Indictment: Lessons for Organizations

Mitre ATT&CK™ and the Mueller GRU Indictment: Lessons for Organizations

July 17, 2018 | 10 Min Read

A recent indictment revealed how the GRU...

Digital Risk Protection: Avoid Blind Spots with a More Complete Risk Picture

July 17, 2018 | 5 Min Read

“Digital Shadows leads the pack for digital...
ShadowTalk Update – 07.16.2018

ShadowTalk Update – 07.16.2018

July 16, 2018 | 2 Min Read

In this week's ShadowTalk, Digital Shadows’...
Alleged Carbanak Files and Source Code Leaked: Digital Shadows’ Initial Findings

Alleged Carbanak Files and Source Code Leaked: Digital Shadows’ Initial Findings

July 11, 2018 | 6 Min Read

Digital Shadows’ Russian-speaking security team...
Security Analyst Spotlight Series: Harrison Van Riper

Security Analyst Spotlight Series: Harrison Van Riper

July 10, 2018 | 6 Min Read

Organizations rely on our cyber intelligence...
ShadowTalk Update – 07.09.2018

ShadowTalk Update – 07.09.2018

July 9, 2018 | 3 Min Read

In this week’s ShadowTalk, Richard Gold and...
Reducing Your Attack Surface: From a Firehose to a Straw

Reducing Your Attack Surface: From a Firehose to a Straw

July 5, 2018 | 6 Min Read

What is Attack Surface Reduction? Attack Surface...
ShadowTalk Update – 07.02.2018

ShadowTalk Update – 07.02.2018

July 2, 2018 | 3 Min Read

In this week's ShadowTalk, following news that a...
ShadowTalk Update – 06.25.2018

ShadowTalk Update – 06.25.2018

June 25, 2018 | 3 Min Read

In this week’s ShadowTalk, Simon Hall and...
How Cybercriminals are Using Messaging Platforms

How Cybercriminals are Using Messaging Platforms

June 21, 2018 | 4 Min Read

Alternative Ways Criminals Transact Online: A...
Five Threats to Financial Services: Part One, Insiders

Five Threats to Financial Services: Part One, Insiders

June 19, 2018 | 5 Min Read

The sensitive and financial data held by banks...
ShadowTalk Update – 06.18.2018

ShadowTalk Update – 06.18.2018

June 18, 2018 | 3 Min Read

In ShadowTalk this week, Dr Richard Gold and...
Security Analyst Spotlight Series: Rafael Amado

Security Analyst Spotlight Series: Rafael Amado

June 14, 2018 | 9 Min Read

Organizations rely on Digital Shadows to be an...
How Cybercriminals are using Blockchain DNS: From the Market to the .Bazar

How Cybercriminals are using Blockchain DNS: From the Market to the .Bazar

June 12, 2018 | 5 Min Read

Since the takedowns of AlphaBay and Hansa in...
Shadow Talk Update – 06.11.2018

Shadow Talk Update – 06.11.2018

June 11, 2018 | 3 Min Read

In Shadow Talk this week, Dr Richard Gold joins...
Threats to the 2018 Football World Cup: Traditional Rules or a New Style of Play?

Threats to the 2018 Football World Cup: Traditional Rules or a New Style of Play?

June 7, 2018 | 7 Min Read

The tension and excitement that precedes all...
Market.ms: Heir to the AlphaBay and Hansa throne?

Market.ms: Heir to the AlphaBay and Hansa throne?

June 4, 2018 | 5 Min Read

It’s almost one year since the AlphaBay and...
Shadow Talk Update – 06.04.2018

Shadow Talk Update – 06.04.2018

June 4, 2018 | 3 Min Read

In this week's Shadow Talk, Dr Richard Gold joins...
7 Ways The Digital Risk Revolution Changes Risk and Compliance – Webinar Key Insights

7 Ways The Digital Risk Revolution Changes Risk and Compliance – Webinar Key Insights

May 30, 2018 | 5 Min Read

Lockpath’s Vice President of Development Tony...
Shadow Talk Update – 05.29.2018

Shadow Talk Update – 05.29.2018

May 29, 2018 | 4 Min Read

The focus in this week’s Shadow Talk is on...
Security Analyst Spotlight Series: Rose Bernard

Security Analyst Spotlight Series: Rose Bernard

May 23, 2018 | 5 Min Read

Organizations rely on our cyber intelligence...
Shadow Talk Update – 05.21.2018

Shadow Talk Update – 05.21.2018

May 21, 2018 | 3 Min Read

In this week’s episode of Shadow Talk, Digital...
Shadow Talk Update – 05.14.2018

Shadow Talk Update – 05.14.2018

May 14, 2018 | 3 Min Read

In this week’s episode Shadow Talk we look at...
Shadow Talk Update – 05.07.2018

Shadow Talk Update – 05.07.2018

May 7, 2018 | 3 Min Read

In this week’s episode Shadow Talk, it’s a...
Shadow Talk Update – 04.30.2018

Shadow Talk Update – 04.30.2018

April 30, 2018 | 2 Min Read

In this week’s episode of Shadow Talk, we cover...
Keys to the Kingdom: Exposed Security Assessments

Keys to the Kingdom: Exposed Security Assessments

April 24, 2018 | 4 Min Read

Organizations employ external consultants and...
Shadow Talk Update – 04.23.2018

Shadow Talk Update – 04.23.2018

April 23, 2018 | 3 Min Read

This week’s Shadow Talk discusses Russia’s...
Out In The Open: Corporate Secrets Exposed Through Misconfigured Services

Out In The Open: Corporate Secrets Exposed Through Misconfigured Services

April 18, 2018 | 4 Min Read

For organizations dealing with proprietary...
When There’s No Need to Hack: Exposed Personal Information

When There’s No Need to Hack: Exposed Personal Information

April 17, 2018 | 4 Min Read

With Equifax‘s breach of 145 million records...
Shadow Talk Update – 04.16.2018

Shadow Talk Update – 04.16.2018

April 16, 2018 | 5 Min Read

This week’s Shadow Talk discusses a Cisco Smart...
Escalation in Cyberspace: Not as Deniable as We All Seem to Think?

Escalation in Cyberspace: Not as Deniable as We All Seem to Think?

April 12, 2018 | 5 Min Read

The recent assassination attempt on former...
Leveraging the 2018 Verizon Data Breach Investigations Report

Leveraging the 2018 Verizon Data Breach Investigations Report

April 10, 2018 | 5 Min Read

Today, the 11th edition of the Verizon Data...
Shadow Talk Update – 04.09.2018

Shadow Talk Update – 04.09.2018

April 9, 2018 | 4 Min Read

Back from the Easter break, this week’s Shadow...
When Sharing Is Not Caring: Over 1.5 Billion Files Exposed Through Misconfigured Services

When Sharing Is Not Caring: Over 1.5 Billion Files Exposed Through Misconfigured Services

April 5, 2018 | 4 Min Read

Our recent report “Too Much Information”,...
Genesis Botnet: The Market Claiming to Sell Bots That Bypass Fingerprinting Controls

Genesis Botnet: The Market Claiming to Sell Bots That Bypass Fingerprinting Controls

April 3, 2018 | 4 Min Read

An emerging criminal market, Genesis store,...
The Five Families: The Most Wanted Ransomware Groups

The Five Families: The Most Wanted Ransomware Groups

March 27, 2018 | 5 Min Read

Last week we presented a webinar on “Emerging...
Shadow Talk Update – 03.26.2018

Shadow Talk Update – 03.26.2018

March 26, 2018 | 4 Min Read

This week’s Shadow Talk discusses what the...
Pop-up Twitter Bots: The Shift to Opportunistic Targeting

Pop-up Twitter Bots: The Shift to Opportunistic Targeting

March 22, 2018 | 4 Min Read

Since the furor surrounding Russia’s alleged...
Cyber Security as Public Health

Cyber Security as Public Health

March 21, 2018 | 4 Min Read

Public health, one of the great 20th century...
Shadow Talk Update – 03.19.2018

Shadow Talk Update – 03.19.2018

March 19, 2018 | 5 Min Read

This week’s Shadow Talk features the latest...
Anonymous and the New Face of Hacktivism: What to Look Out For in 2018

Anonymous and the New Face of Hacktivism: What to Look Out For in 2018

March 13, 2018 | 6 Min Read

The Anonymous collective has been the face of...
Shadow Talk Update – 03.12.2018

Shadow Talk Update – 03.12.2018

March 12, 2018 | 3 Min Read

This week’s Shadow Talk features more...
It’s Accrual World: Tax Return Fraud in 2018

It’s Accrual World: Tax Return Fraud in 2018

March 7, 2018 | 5 Min Read

With just over a month until Tax Deadline Day,...
Shadow Talk Update – 03.05.2018

Shadow Talk Update – 03.05.2018

March 5, 2018 | 3 Min Read

On this week's Shadow Talk podcast, the Research...
The New Frontier: Forecasting Cryptocurrency Fraud

The New Frontier: Forecasting Cryptocurrency Fraud

March 1, 2018 | 6 Min Read

Not a week goes by without a new case of...
Shadow Talk Update – 02.26.2018

Shadow Talk Update – 02.26.2018

February 26, 2018 | 3 Min Read

In this week’s podcast, the Digital Shadows...
Threats to the Upcoming Italian Elections

Threats to the Upcoming Italian Elections

February 22, 2018 | 7 Min Read

On 5 March Italian citizens will vanno alle urne...
Prioritize to Avoid Security Nihilism

Prioritize to Avoid Security Nihilism

February 20, 2018 | 3 Min Read

In many situations associated with cyber...
Shadow Talk Update – 02.19.2018

Shadow Talk Update – 02.19.2018

February 19, 2018 | 3 Min Read

In this week’s Shadow Talk podcast, the Digital...
Infraud Forum Indictment and Arrests: What it Means

Infraud Forum Indictment and Arrests: What it Means

February 15, 2018 | 7 Min Read

On 07 February 2018, the U.S. Department of...
Cryptojacking: An Overview

Cryptojacking: An Overview

February 13, 2018 | 5 Min Read

What is Cryptojacking? Cryptojacking is the...
Shadow Talk Update – 12.02.2018

Shadow Talk Update – 12.02.2018

February 12, 2018 | 4 Min Read

With the 2018 Winter Games beginning this week,...
2017 Android malware in review: 4 key takeaways

2017 Android malware in review: 4 key takeaways

February 8, 2018 | 4 Min Read

Android mobile devices were an attractive target...
Phishing for Gold: Threats to the 2018 Winter Games

Phishing for Gold: Threats to the 2018 Winter Games

February 6, 2018 | 7 Min Read

Digital Shadows has been monitoring major...
Shadow Talk Update – 02.05.2018

Shadow Talk Update – 02.05.2018

February 5, 2018 | 3 Min Read

In this week’s podcast episode of Shadow Talk,...
Four Ways Criminals Are Exploiting Interest in Initial Coin Offerings

Four Ways Criminals Are Exploiting Interest in Initial Coin Offerings

February 1, 2018 | 5 Min Read

Initial Coin Offerings (ICOs) are a way of...
Why Marketing Leaders Must Take Action To Manage Digital Risk And Protect Their Brand

Why Marketing Leaders Must Take Action To Manage Digital Risk And Protect Their Brand

January 30, 2018 | 7 Min Read

I am one of you. I have been in the marketing...
Shadow Talk Update – 01.29.2018

Shadow Talk Update – 01.29.2018

January 29, 2018 | 4 Min Read

In this week’s Shadow Talk podcast episode, the...
Don’t Rely on One Star to Manage Digital Risk, The Key is Total Coverage

Don’t Rely on One Star to Manage Digital Risk, The Key is Total Coverage

January 16, 2018 | 5 Min Read

This post originally appeared on...
Another Year Wiser: Key Dates to Look Out For In 2018

Another Year Wiser: Key Dates to Look Out For In 2018

January 10, 2018 | 4 Min Read

Early last year, we published a blog outlining...
Meltdown and Spectre: The Story So Far

Meltdown and Spectre: The Story So Far

January 4, 2018 | 5 Min Read

On Wednesday, rumors surfaced that there were...
Cybercriminal Christmas Wish List

What Attackers Want for Christmas

December 22, 2017 | 4 Min Read

Our guest author Krampus has a special blog post...
online carding bots

OL1MP: A Telegram Bot Making Carding Made Easy This Holiday Season

December 21, 2017 | 3 Min Read

Back in July, we published our research on the...
‘Tis The Season To Do Predictions – The 2018 Cybersecurity Landscape

‘Tis The Season To Do Predictions – The 2018 Cybersecurity Landscape

December 18, 2017 | 3 Min Read

This post originally appeared on Huffington...

Digital Shadows’ Most Popular Blogs of 2017: Analysis of Competing Hypotheses For The Win

December 12, 2017 | 3 Min Read

This time last year, we looked back at the blogs...
Risks to Retail: Cybercriminals Sharing the Joy This Holiday Season

Risks to Retail: Cybercriminals Sharing the Joy This Holiday Season

November 21, 2017 | 3 Min Read

Despite some early deals, Black Friday officially...
Fake News is More Than a Political Battlecry

Fake News is More Than a Political Battlecry

November 16, 2017 | 3 Min Read

This week, British Prime Minister Theresa May...
Why “Have a Safe Trip” Is Taking On Greater Meaning

Why “Have a Safe Trip” Is Taking On Greater Meaning

November 14, 2017 | 5 Min Read

This post originally appeared...
Groupthink

Know Where to Find Your Digital Risk

November 10, 2017 | 4 Min Read

This post originally appeared on SecurityWeek....
OPCATALUNYA

Pwnage to Catalonia: Five Things We Know About OpCatalunya

November 2, 2017 | 5 Min Read

Since October 24th, Digital Shadows has observed...
ICS Security Cyber Aware

ICS Security: Strawmen In the Power Station

October 31, 2017 | 5 Min Read

Congrats, it is now almost November and we have...
cyber extortion

Extorters Going to Extort: This Time Other Criminals Are the Victims

October 26, 2017 | 3 Min Read

We are increasingly used to the tactic of...
cyber vulnerabilities

Trust vs Access: A Tale of Two Vulnerability Classes

October 20, 2017 | 5 Min Read

It's been a big week in cyberspace, with high...
krack attacks

Key Reinstallation Attacks (KRACK): The Impact So Far

October 16, 2017 | 4 Min Read

Today, a series of high-severity vulnerabilities...
powershell

PowerShell Security Best Practices

October 8, 2019 | 9 Min Read

Updated as of October 8, 2019 Threat actors...
german election threats

Bringing Down the Wahl: Three Threats to the German Federal Election

September 14, 2017 | 7 Min Read

Hacking has become the boogie man of political...
Computer Worms Blog

Return of the Worm: A Red Hat Analysis

September 7, 2017 | 4 Min Read

A computer worm is a piece of malware that is...
Exploit Kits

Fluctuation in the Exploit Kit Market – Temporary Blip or Long-Term Trend?

August 16, 2017 | 5 Min Read

Exploit kit activity is waning. Collectively...
Threat Intelligence Social Media Security

All That Twitterz Is Not Gold: Why You Need to Rely on Multiple Sources of Intelligence

August 9, 2017 | 3 Min Read

Twitter has become an extremely valuable tool for...
Criminal Markets Alpha Bay Hansa

Cybercrime Finds a Way, the Limited Impact of AlphaBay and Hansa’s Demise

August 7, 2017 | 5 Min Read

The law enforcement operations that took down the...
Texting SMS Cyber Threats

Reading Your Texts For Fun and Profit – How Criminals Subvert SMS-Based MFA

August 1, 2017 | 4 Min Read

Why Multi Factor? Read almost any cyber security...
Threat Model

What is a Threat Model, and Why Organizations Should Care

July 31, 2017 | 4 Min Read

Many organizations are exquisitely aware that...
Credit Card Fraud

Fraudsters Scoring Big – an Inside Look at the Carding Ecosystem

July 18, 2017 | 3 Min Read

In season two of the Netflix series Narcos, Pablo...
Criminal Market Place Bitcoin Virtual Currency

The Future of Marketplaces: Forecasting the Decentralized Model

July 17, 2017 | 4 Min Read

Last week we wrote about the disappearance of...
AlphaBay Hansa Seized

AlphaBay Disappears: 3 Scenarios to Look For Next

July 14, 2017 | 6 Min Read

The AlphaBay dark web marketplace has been...
Penetration Testing

Threat Led Penetration Testing – The Past, Present and Future

July 10, 2017 | 5 Min Read

What is Threat Led Penetration Testing? Threat...
exploit kit

Petya-Like Wormable Malware: The “Who” and the “Why”

June 30, 2017 | 7 Min Read

Late on 27 June, the New York Times reported that...
Cyber Criminal Attack Vectors

Keep Your Eyes on the Prize: Attack Vectors are Important But Don’t Ignore Attacker Goals

June 23, 2017 | 5 Min Read

Reporting on intrusions or attacks often dwells...
Dark Web Cyber Crime

Threats From the Dark Web

June 26, 2017 | 5 Min Read

Despite the hype associated with the dark web,...
Wanna Cry Ransomware

WannaCry: An Analysis of Competing Hypotheses – Part II

June 7, 2017 | 7 Min Read

Following the furore of last month’s WannaCry...
Account Takeover Credential Stuffing

7 Tips for Protecting Against Account Takeovers

May 22, 2017 | 3 Min Read

In May 2017, an amalgamation of over 1 billion...
Encrypted Files WannaCry

WannaCry: An Analysis of Competing Hypotheses

May 18, 2017 | 6 Min Read

On 12 May 2017, as the WannaCry ransomware spread...
WannaCry Ransomware

5 Lessons from WannaCry: Preventing Attacks with Security Engineering

May 16, 2017 | 5 Min Read

With the recent news storm concerning the...
WannaCry Ransomware

WannaCry: The Early 2000s Called, They Want Their Worms Back

May 12, 2017 | 3 Min Read

Earlier today it was revealed that the United...
NIST Authentication

Authentication Nation: 5 Ways NIST is Changing How We Think About Passwords

May 9, 2017 | 4 Min Read

Passwords have taken a beating over the past...
Brand Reputation Digital Risk

The 3 Pillars of Digital Risk Management: Part 3 – The Top 5 Main Risks of Reputational Damage

April 27, 2017 | 2 Min Read

In this 3-part blog series, we discuss how each...
Threat Actors Cyber Criminals

The Usual Suspects: Understanding the Nuances of Actors’ Motivations and Capabilities

April 21, 2017 | 3 Min Read

When it comes to their adversaries, organizations...
French Election Cyber Threats

Liberté, égalité, securité: 4 Threats to the French Presidential Election

April 20, 2017 | 5 Min Read

French citizens will take to the polls on April...
Cyber Threats

The 3 Pillars of Digital Risk Management: Part 1 Understanding Cyber Threats

April 13, 2017 | 3 Min Read

What is Digital Risk Management? The National...
Research Intelligence Sources

All Sources Are Not the Same; Why Diversity Is Good for Intelligence

April 11, 2017 | 3 Min Read

As we all know, if you listen to just one side of...
OpIsrael

OpIsrael Hacktivists Targeted By Unknown Threat Actor

March 30, 2017 | 3 Min Read

Ideologically-motivated “hacktivist” actors...
Turk Hack

Turk Hack Team and the “Netherlands Operation”

March 29, 2017 | 4 Min Read

Since mid-March, Turk Hack Team have been...
Tax Fraud

Tax Fraud in 2017

March 27, 2017 | 4 Min Read

The IRS recently released an alert that warned...
Dutch Flag

Dutch Elections – Looking Back at Cyber Activity

March 21, 2017 | 3 Min Read

Last week, I wrote about the potential threats to...
Mobile App Screen

5 Risks Posed By Mobile Applications That SearchLight Helps You Manage

March 14, 2017 | 2 Min Read

Organizations face a wide range of risks online,...
Dutch Elections Red Pencil

Back to the red pencil – Cyber threats to the Dutch elections

March 13, 2017 | 5 Min Read

Over the weekend, media reports surfaced about...
Financial Threats

Learning from the Top Threats Financial Services Faced in 2016

March 8, 2017 | 2 Min Read

Organizations operating within the financial...
Blaze Exploit Kit

New “Blaze” exploit kit claims to exploit recent Cisco WebEx vulnerability

March 2, 2017 | 4 Min Read

A previously undetected exploit kit has been...
Penetration Testing

Step by Step: The Changing Face of Threat Led Penetration Testing

February 28, 2017 | 4 Min Read

Organizations are increasingly adopting the...
Sunset Stock

Sun to Set on BEPS/Sundown Exploit Kit?

February 22, 2017 | 4 Min Read

On February 13, 2017, the security researcher...
Valentines Day

Four Things to Look Out for This Valentine’s Day

February 14, 2017 | 4 Min Read

Consumers are increasingly moving to the Internet...
Malware Taylor Swift

An unusually Swift(tay) malware delivery tactic

February 9, 2017 | 5 Min Read

While doing some background research into recent...
Intelligence Cycle

F3EAD: Find, Fix, Finish, Exploit, Analyze and Disseminate – The Alternative Intelligence Cycle

February 8, 2017 | 4 Min Read

The F3EAD cycle (Find, Fix Finish, Exploit,...
Mongo DB

How the Frenzy Unfolded: Analyzing Various Mongo Extortion Campaigns

February 7, 2017 | 4 Min Read

The MongoDB “ransom” pandemic, which has been...
Super Bowl 2017

Ready for the Blitz: Assessing the Threats to Super Bowl LI

February 2, 2017 | 4 Min Read

Like any major event, Super Bowl LI brings with...
ATM Malware

Making Cents of ATM Malware Campaigns – Comparing and Contrasting Operational Methodologies

January 30, 2017 | 4 Min Read

Throughout 2016 some of the most notable...
Two Factor Authentication

Dial “M” for malware: Two-factor scamming

January 26, 2017 | 4 Min Read

Adversaries are developing new ways of attacking...
Ripper cc

Innovation in The Underworld: Reducing the Risk of Ripper Fraud

January 23, 2017 | 7 Min Read

Reputation is incredibly important for business....
Calendar Threats for 2017

Known Unknowns: Key Events to Keep Your Eyes Out for in 2017

January 19, 2017 | 3 Min Read

On Friday, millions will tune in to see Donald...
Intelligence Sources

Two Ways to Effectively Tailor Your Intelligence Products

January 17, 2017 | 4 Min Read

In my previous blog, “Trump and Intelligence: 6...
Keyboard

All You Can Delete MongoDB Buffet

January 12, 2017 | 4 Min Read

A number of extortion actors were detected...
Website

10 Ways You Can Prepare for DDoS Attacks in 2017

January 11, 2017 | 1 Min Read

At the end of last month, we published a paper...
Intelligence Consumer Trump

Trump and Intelligence: 6 Ways To Deal With Challenging Intelligence Consumers

January 4, 2017 | 4 Min Read

It is no secret the President Elect Trump is...
Anonymous Hacktivist

Mirai: A Turning Point For Hacktivism?

December 16, 2016 | 5 Min Read

A “digital nuclear attack”. A “zombie...
Trojan

Coming to a Country Near You? The Rapid Development of The TrickBot Trojan

December 16, 2016 | 4 Min Read

Since the discovery of TrickBot in September...
DDoS Extortion

Crowdsourced DDoS Extortion – A Worrying Development?

December 13, 2016 | 3 Min Read

We all know about DDoS extortion – the process...
Forecasts Cyber Security

You Should Consider Forecasts, Not Predictions

December 9, 2016 | 4 Min Read

Well it’s that time of year again. Sorry, not...
Chess Game

A Model of Success: Anticipating Your Attackers’ Moves

December 1, 2016 | 4 Min Read

In a previous blog, we discussed the role of...
Retail Cyber Threats

Windows Shopping: 7 Threats To Look Out For This Holiday Season

November 23, 2016 | 5 Min Read

Thanksgiving, Black Friday, Cyber Monday,...
Ransomware as a service

Ransomware-as-a-service: The Business Case

November 22, 2016 | 4 Min Read

It can be tempting to dismiss cybercriminal...
Tesco Bank

Leak on Aisle 12! An Analysis of Competing Hypotheses for the Tesco Bank Incident

November 11, 2016 | 5 Min Read

On November 6, 2016 multiple UK media outlets...
Media and Broadcasting Threats

Top 5 Threats to the Media and Broadcasting Industry

November 11, 2016 | 3 Min Read

For media and broadcasting organizations, the...
Code

Surveying the Criminal Market

November 8, 2016 | 3 Min Read

It’s no secret your personal information and...
Email Security

Five Tips For Better Email Security

November 8, 2016 | 4 Min Read

While security is everyone’s responsibility,...