The Most Popular Security Blog Topics of 2018

Michael Marriott

It’s been a busy year on the Digital Shadows blog, with almost 150 blogs published since January 1. As we move into the tail end of 2018, I wanted to share some of the most popular blogs and themes for this year.

US-CERT Draws on Digital Shadows Research

It’s been a pleasure to have our blogs featured in a couple of US-CERT alerts. First, in July, we released research on the growing threats to ERP (Enterprise Resource Planning) applications, which led to a US-CERT alert, Malicious Cyber Activity Targeting ERP Applications, on the same topic.

Second, in October, our advice for securing PowerShell was referenced in US-CERT’s note on how five publicly available tools have been used for malicious purposes. You can read the full advisory here: Publicly Available Tools Seen in Cyber Incidents Worldwide.

MITRE ATT&CK Grows in Popularity

The MITRE ATT&CK framework, which provides a common vocabulary for talking about threat intelligence, has grown significantly in popularity and adoption in 2018. Drawing on the many indictments unsealed in 2018, we have published numerous blogs that map public indictments to the MITRE ATT&CK framework, including those against the GRU for interference in the 2016 US election, FIN7, the FSB, and a North Korean programmer. If you’re tired of reading, check out a podcast we recorded with Katie Nickels, the MITRE ATT&CK Threat Intelligence Lead, on this topic.

Mapping these indictments to the MITRE ATT&CK framework is useful, but it’s also important to map them to our defenses. That’s why we pulled all of these assessments together and mapped them to the ASD Essential 8, helping us understand how we can best mitigate many typical adversary behaviors.

Alarming Amount of Data Exposed

Unsurprisingly, 2018 was yet another year with eye-watering amounts of data exposed, with 4.5 billion breached records in the first half of 2018. This was most recently demonstrated through the breach of 500 million Marriott records.

While some data is exposed through intrusions, a staggering amount of information is already inadvertently exposed through employees and third parties. Our “Too Much Information” research discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, rsync, SMB, FTP, NAS drives, and misconfigured websites. Almost all countries are affected, but the United States experienced the most exposure with 239,607,590 files.

There’s plenty more to come in 2019, so don’t forget to stay in touch and subscribe to our threat intelligence emails.
