Digital Shadows Blogs

Manage Your Digital Risk

  • Third Party Risk: 4 ways to manage your security ecosystem

    Third Party Risk: 4 ways to manage your security ecosystem

      The digital economy has multiplied the number of suppliers that organizations work and interact with. Using a supplier can ...

    Read Post
  • Taz | Big Brother hilft Microsoft

    Taz | Big Brother hilft Microsoft

    Ein US-amerikanischer Geheimdienst findet eine Windows-Sicherheitslücke und informiert Microsoft. Das könnte Teil einer neuen Strategie sein.

    Read Post
  • NSA Vulnerability Disclosure: Pros and Cons

    NSA Vulnerability Disclosure: Pros and Cons

      On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix ...

    Read Post
  • CVE-2019-19781: Analyzing the Exploit

    CVE-2019-19781: Analyzing the Exploit

      On December 17th 2019, CVE-2019-19781 was disclosed. The vulnerability allows for directory traversal and remote code execution on Citrix ...

    Read Post
  • Cryptonite: Ransomware’s answer to Superman…

    Cryptonite: Ransomware’s answer to Superman…

    A new ransomware-as-a-service (RaaS) platform called Cryptonite plans to not only bring ransomware to the masses, but has the added benefit of reportedly being fully undetectable, requiring minimal...

    Read Post
  • Iran and the United States – start of the long war or return to normal?

    Iran and the United States – start of the long war or return to normal?

    There are useful precedents that can assist when we consider how this will unfold in the near-term future.

    Read Post
  • ShadowTalk Update – Iranian Cyber Threats, Travelex Ransomware Attack, and Exploit Forum updates

    ShadowTalk Update – Iranian Cyber Threats, Travelex Ransomware Attack, and Exploit Forum updates

    Viktoria hosts this week and introduces the episode bringing Sammy on to provide some regional insight and context around the Iranian cyber threat and discusses whether a cyber response is likely.

    Read Post
  • Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

    Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

    We will use the Essential 8 as part of our toolkit in thinking about how to mitigate against the TTPs used by these APT groups.

    Read Post
  • Iran and Soleimani: Monitoring the Situation

    Iran and Soleimani: Monitoring the Situation

    We focus on the cyber-related fallout from the situation, and ways that they may or may not impact our clients. We will continue to update this blog as related events unfold.

    Read Post
  • Iranian Cyber Threats: Practical Advice for Security Professionals

    Iranian Cyber Threats: Practical Advice for Security Professionals

    Unless you went very dark for an extended holiday break, you are no doubt very well aware of the United ...

    Read Post
  • ShadowTalk Update – Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, and 2020 Predictions

    ShadowTalk Update – Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, and 2020 Predictions

    CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers: ...

    Read Post
  • Top Security Blogs of 2019 from Digital Shadows

    Top Security Blogs of 2019 from Digital Shadows

    As we approach the end of 2019, we wanted to share some of the most popular security trends and blogs from this year that we saw on our blog.

    Read Post
  • The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

    The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

    While it may be challenging to assess what went wrong for market[.]ms conclusively, this blog examines some potential reasons behind its demise, as well as looking at the extraordinary professionalism

    Read Post
  • 2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

    2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

    In this blog, we discuss several significant trends and events that have helped shape the cyber threat landscape, all of which will almost certainly continue through 2020.

    Read Post
  • Forums are Forever – Part 3: From Runet with Love

    Forums are Forever – Part 3: From Runet with Love

    The third and final installment of this blog series investigates several characteristics of forums that make them ideal for supporting cybercriminal communities.

    Read Post
  • ShadowTalk Update – Tochka Dark Web Market Offline, Market.ms Closes, and Data Leakage Stories

    ShadowTalk Update – Tochka Dark Web Market Offline, Market.ms Closes, and Data Leakage Stories

    Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6 Million Fi

    Read Post
  • Threat Intelligence: A Deep Dive

    Threat Intelligence: A Deep Dive

      Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...

    Read Post
  • SecurityInsider: Doppelt hält (nicht immer) besser

    SecurityInsider: Doppelt hält (nicht immer) besser

    Zwei-Faktor-Authentifizierung (2FA) hat sich als die Lösung für Online-Banking, E-Commerce-Seiten und Social-Media-Plattformen etabliert. Absolute Sicherheit ist damit jedoch nicht garantiert.

    Read Post
  • Forums are Forever – Part 2: Shaken, but not Stirred

    Forums are Forever – Part 2: Shaken, but not Stirred

    Part 2 looks at cybercriminal forum users’ resistance to moving away from the forum model.

    Read Post
  • ShadowTalk Update – Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown on RAT Spyware

    ShadowTalk Update – Cybercriminal Forum Research, Mixcloud Breach, and International Crackdown on RAT Spyware

    Viktoria invites Stewart Bertram to kick-off this week’s episode around new cybercrime research we put out on the Modern Cybercriminal Forum and how the rise of alternative technologies hasn’t spelled

    Read Post
  • loading
    Loading More...