Digital Shadows helps a security manager of a large technology company find that 5,000 employee pay stubs were publicly available online.
Home » Data Loss Detection » Digital Shadows Detects and Removes Publicly Accessible Employee Pay Stubs
Digital Shadows finds 1.5 billion business and consumer files exposed online
Digital Shadows finds 1.5 billion business and consumer files exposed online – just one month prior to GDPR...
Error - something went wrong!
Other content in this Stream
Too Much Information: The Sequel | New Research
There are now 750 million more files exposed than we reported last year; not all of them are blatantly sensitive, but there is plenty of gold in these mountains.
2.3 billion files exposed across online file storage technologies
Currently 2.3 billion files are being made publicly available by misconfigured and non-secured technologies used to store this data such as Amazon S3 buckets, Server Message Block (SMB), File Transfer
SecDevOps: Continued Database Exposures Point to Growing Challenges
Last week, we learned that millions of Ecuadorian’s personal details had been exposed by a misconfigured ElasticSearch database. This is ...
Detecting Exposed Credentials | Case Study
See how one large bank detected more than 50,000 exposed credentials in 1 year.
Data Leakage Detection
Detect sensitive data that's been exposed by employees, contractors, or third parties.
Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories
Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...
Weekly Intelligence Summary 05 Dec - 12 Dec 2019
“Lazarus Group” has been linked to a new trojanized Mac OS X application, demonstrating the threat group’s preference for employing OS X malware over the past two years.
Threat Intelligence: A Deep Dive
Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...
Asset Inventory Management: Difficult But Essential
Asset inventories are one of the most important things to get right. Done correctly, they give you the best insight into your potential attack surface and identify where to focus your efforts.
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Black Friday Deals On The Dark Web, Phineas Fisher Manifesto, And DarkMarket
Adam Cook and Viktoria Austin talk through the security and threat intelligence stories of this week including an update around Phineas Fisher, where the hacker offered up to $100k in what they...
Cybercriminal credit card stores: Is Brian out of the club?
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
Your Data at Risk – Emerging Cyber Threats to Your Enterprise with the FBI Cyber Division
The first half of 2019 has revealed no ebb in the number of massive data breaches and cybersecurity disasters. As the threat landscape continues to evolve and unfortunate enterprises have become the v
Honeypots: Tracking Attacks Against Misconfigured or Exposed Services
Honeypots can be useful tools for gathering information on current attack techniques. Conversely, they can be an overwhelming source of ...
Understanding the Consequences of Data Leakage through History
One of the most interesting aspects of transitioning from high school history teacher to cyber threat intelligence professional is the ...
Breach! Exploring the Modern Digital Breach: Part 2
What practical steps should organizations and the professionals within them be thinking about in this new world? We have a special two-part series where Rick Holland, VP Intelligence and CISO at Digit
ANU Breach Report: Mapping to Mitre ATT&CK Framework
We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:
Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework
When the attacker, Andrei Tyurin, pleaded guilty, we thought we could look at the attacker goals, their TTPs and map this to the Mitre PRE-ATT&CK and ATT&CK framework.
Harnessing Exposed Data to Enhance Cyber Intelligence
We will walk you through each stage of this exploited data cycle to illustrate the economy of exposed credentials, and then present ways you can protect and mitigate the threats targeting your organiz
Data Loss Detection Overview