Michael Marriott is a research analyst at Digital Shadows, which he joined in late 2014. A strong up-and-comer in cybersecurity, Michael has a passion for security analysis and the trends they indicate, in order to better protect clients. He has written several articles and papers, and designed the “CATER” model of cyber threat intelligence, which is a call to action to the industry for more relevant insights to make threat intelligence less daunting for the end users who rely on it. He holds a BA in History and Masters in Applied Security and Strategy, both from the University of Exeter.
In this 3-part blog series, we discuss how each of the 3 pillars, Cyber Threat, Data Leakage, and Reputational Damage, contributes to Digital Risk Management.
Risk is a well-developed concept within cybersecurity. The National Institute of Standards and Technology (NIST) defines the field of risk management as: “The process of identifying risk, assessing risk, and...
Organizations face a wide range of risks online, including cyber threats, data leakage and reputational damage.
Organizations operating within the financial services industry represent an attractive target for threat actors. Our latest white paper, Threats to Financial Services: Taking Note from 2016, takes a look at...
On Friday, millions will tune in to see Donald Trump inaugurated as the President of the United States.
At the end of last month, we published a paper that forecasted the DDoS landscape for 2017.
We all know about DDoS extortion – the process is straightforward. Contact the company, threaten to launch a crippling DDoS attack that will happen unless the company pays a ransom.
For media and broadcasting organizations, the threat of having their websites forced offline is a significant one.
Contrary to some media reporting, our latest whitepaper finds that cyber activity during the 2016 U.S. presidential election does not appear to have demonstrably altered events in the short-term.
There has been no shortage of media coverage surrounding U.S. election and the associated nefarious cyber activity.
Data breaches and credential compromise are not new. After all, 2014 was known as the “year of the data breach”. Last year was similarly dubbed the “year of the breach”.
We’ve previously written on the most popular vulnerabilities that exploit kits are using. But how might the exploit kit market develop over the next year?
One significant aspect of mitigating the risk posed by exploit kits is keeping software up-to-date. However, for some organizations, knowing what to patch as a priority can be difficult.
At the beginning of 2016, it was reported that two suspected members of the DD4BC, a DDoS extortion group, were arrested in Europe.
We’ve written before about how we like to map our services to the intelligence cycle. Of course, the intelligence cycle has its challenges – you only need to look to...
As explained in a previous blog, extortion is not new – it’s now just been applied to the digital world in many different forms. In fact, as our extortion whitepaper...
DDoS extortion and ransomware attacks have featured heavily in the headlines recently. But the practice of obtaining money through threats is not new.
The dark web receives more than its fair share of media coverage pertaining to cyber crime.
After having discussed the importance of planning and persistence in APTs, it is important to conclude by considering the significance of resources.
There’s no shortage of online hacktivist operations launched by actors who are seeking to readdress injustices, perceived or actual. Indeed, we have previously posted blogs on such OpIsrael and OpOlympicHacking.
Ransomware can cause big problems for individuals and organizations, but what are the new types of malware that are being advertised on the dark web, are they genuine and what...
For organizations that are looking to secure their online presence, there is no shortage of products on offer.
On 17 April 2016, two posts were added to Pastebin (one in Spanish, the other in English) detailing the alleged methods and tools used to access the internal network of...
When striving to understand threats outside of an organization’s boundary, continuous monitoring and real-time alerts are two features that are often talked about.
Strong, robust, stable, resilience – these are all words associated with a successful security posture. They’re comforting words that serve to gain the confidence of executives.
In our last blog on OpIsrael, we assessed what we were likely to observe on April 7.
Last month our intelligence team published a blog on the use of ABI in understanding OpIsrael 2016, which suggested that the level of talk was indicative of an active campaign...
Achieving a better understanding of the threat landscape is key for organizations; the better they know their enemies, the better they can align their security postures. But it is hard.
Last month, TalkTalk disclosed that they been the victim of a cyber attack on its website.
One of the most active actors of the past several months has been a hacktivist group who identify themselves as ‘Crackas With Attitude’ (CWA).
On 13 Oct 2015, it was revealed in an indictment on the US department of Justice website that Dridex (AKA Bugat and Cridex) activity had been disrupted and charges filed...
Our white paper, Cyber Threat Intelligence: A Buyer’s Guide, provides an overview of current CTI approaches and the types of offerings available.
There is no shortage of credit card information being sold online. In the past six months alone, our spider (which covers I2P and ToR Darknet overlay networks as well as surface web carding sites) detected thousands of instances of sites offering credit...
This post moves on to the second cause of groupthink and tries to understand how organizational structural faults may result in manifestations of groupthink.