Digital Shadows Blogs

Manage Your Digital Risk

  • ShadowTalk Update – Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability

    ShadowTalk Update – Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability

    Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version ...

    Read Post
  • Honeypots: Tracking Attacks Against Misconfigured or Exposed Services

    Honeypots: Tracking Attacks Against Misconfigured or Exposed Services

    Honeypots can be useful tools for gathering information on current attack techniques. Conversely, they can be an overwhelming source of ...

    Read Post
  • Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground

    Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground

    we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat

    Read Post
  • Cybercriminal Forum Developments: Escrow Services

    Cybercriminal Forum Developments: Escrow Services

    On Russian- and English-language cybercriminal forums on the clear and dark web, vendors are increasingly asking interested buyers to place money in a forum escrow service before they will provide fur

    Read Post
  • ShadowTalk Update – Iran-linked APT35, Skimming by Magecart 4, Rancour, and Emotet Resurgence

    ShadowTalk Update – Iran-linked APT35, Skimming by Magecart 4, Rancour, and Emotet Resurgence

    We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top stories.

    Read Post
  • ANU Breach Report: Mapping to Mitre ATT&CK Framework

    ANU Breach Report: Mapping to Mitre ATT&CK Framework

    We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:

    Read Post
  • Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction

    Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction

    How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.

    Read Post
  • ShadowTalk Update – Magecart Five Widens Attack Vectors, Suspected Chinese Threat Actor Targets Airbus Suppliers, and Tortoiseshell Developm

    ShadowTalk Update – Magecart Five Widens Attack Vectors, Suspected Chinese Threat Actor Targets Airbus Suppliers, and Tortoiseshell Developm

    Coming to you from London this week, Jamie Collier, Philip Doherty, and Josh Poole join Viktoria Austin for our weekly ...

    Read Post
  • Interactive Threat Hunting on the Dark Web - Live Webinar Workshop

    Interactive Threat Hunting on the Dark Web - Live Webinar Workshop

    Curious about the dark web but tired of the hype? This interactive webinar workshop will outline the history of the dark web, some recent trends, and some interesting war stories.

    Read Post
  • Top Threat Intelligence Podcasts to Add to Your Playlist

    Top Threat Intelligence Podcasts to Add to Your Playlist

    Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research team shares their top tracks.

    Read Post
  • Domain Squatting: The Phisher-man’s Friend

    Domain Squatting: The Phisher-man’s Friend

    Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.

    Read Post
  • ShadowTalk Update – Tortoiseshell Targets IT Providers, the Tyurin Indictment, and Emotet’s Return

    ShadowTalk Update – Tortoiseshell Targets IT Providers, the Tyurin Indictment, and Emotet’s Return

    Viktoria hosts this week’s episode in London with Phillip Doherty and Adam Cook. After a quick debate around the top ...

    Read Post
  • Singapore Cyber Threat Landscape report (H1 2019)

    Singapore Cyber Threat Landscape report (H1 2019)

    Despite being the second smallest country in Asia, Singapore is a global financial and economic hub. On top of this, ...

    Read Post
  • Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework

    Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework

    When the attacker, Andrei Tyurin, pleaded guilty, we thought we could look at the attacker goals, their TTPs and map this to the Mitre PRE-ATT&CK and ATT&CK framework.

    Read Post
  • SecDevOps: Continued Database Exposures Point to Growing Challenges

    SecDevOps: Continued Database Exposures Point to Growing Challenges

    Last week, we learned that millions of Ecuadorian’s personal details had been exposed by a misconfigured ElasticSearch database. This is ...

    Read Post
  • ShadowTalk Update – Universities still attracting espionage from Iran, SimJacker exploit, NCSC Threat Trends, and Ransomware Updates

    ShadowTalk Update – Universities still attracting espionage from Iran, SimJacker exploit, NCSC Threat Trends, and Ransomware Updates

    It’s Harrison and Alex this week for your threat intelligence updates. The guys first dig into the NCSC’s recent threat ...

    Read Post
  • Nemty Ransomware: Slow and Steady Wins the Race?

    Nemty Ransomware: Slow and Steady Wins the Race?

    As we outlined recently, ransomware is a key theme of the NCSC Cyber Trends Report: it’s a pervasive threat that ...

    Read Post
  • NCSC Cyber Threat Trends Report: Analysis of Attacks Across UK Industries

    NCSC Cyber Threat Trends Report: Analysis of Attacks Across UK Industries

    The United Kingdom’s National Cyber Security Centre (NCSC) recently released their Incident trends report (October 2018 – April 2019) which ...

    Read Post
  • Your Data at Risk: FBI Cyber Division Shares Top Emerging Cyber Threats to Your Enterprise

    Your Data at Risk: FBI Cyber Division Shares Top Emerging Cyber Threats to Your Enterprise

    Data breaches are not slowing down. Nobody expects to be a victim, but the data shows the exponential growth in ...

    Read Post
  • ShadowTalk Update – Metasploit Project Publishes Exploit For Bluekeep, plus APT3 and Silence Cybercrime Group Updates

    ShadowTalk Update – Metasploit Project Publishes Exploit For Bluekeep, plus APT3 and Silence Cybercrime Group Updates

    Viktoria Austin is joined by Adam Cook and Phil Dohetry this week in the London office to talk about the ...

    Read Post
  • loading
    Loading More...