ESG: The Pressing Need for Digital Risk Management
CISOs and risk officers must adopt a thorough digital risk management strategy that includes monitoring, fi...
Error - something went wrong!
Other content in this Stream
Top Cyber Threats to the Healthcare & Pharmaceutical Sector
There is no shortage of cyber threats against the lucrative health care, medical device and pharmaceutical sectors. Discover the top cyber threats to these industries.
Social Media Oversharing by Healthcare Executive Puts Firm at Risk
Digital Shadows helped a healthcare organization discover that one of its technical executives had included specific system, server models, and software versions on a career biography posted online.
Weekly Intelligence Summary 05 Dec - 12 Dec 2019
“Lazarus Group” has been linked to a new trojanized Mac OS X application, demonstrating the threat group’s preference for employing OS X malware over the past two years.
Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories
Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...
Threat Intelligence: A Deep Dive
Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...
Eliminating Third Party Cyber Risks from Healthcare Delivery
Hear from Associate Director Suzanne Schwartz from the Food and Drug Administration and Digital Shadows for an informative session on best practices for eliminating third party risks.
Digital Risk Protection: Forrester New Wave Report
Digital Shadows Named a "Leader" in 2018 Forrester New Wave for Digital Risk Protection
Forums are Forever – Part 1: Cybercrime Never Dies
The survival of the cybercriminal forum in the face of new, more secure technologies and constant pressure from law enforcement does not come as a surprise to researchers at Digital Shadows.
Forums are Forever – Part 2: Shaken, but not Stirred
Part 2 looks at cybercriminal forum users’ resistance to moving away from the forum model.
A Threat Intelligence Analyst’s Guide to Today’s Sources of Bias
This blog seeks to rebalance intelligence tradecraft discussions by highlighting some of the less glamorous everyday sources of bias that are too often overlooked.
A Practical Guide to Reducing Digital Risk
This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.
Probiv: The missing pieces to a cybercriminal’s puzzle
in the cybercriminal underground, there’s a service (and even a dedicated platform) that enables anyone to obtain sensitive information via insiders: Probiv.
SecDevOps: Continued Database Exposures Point to Growing Challenges
Last week, we learned that millions of Ecuadorian’s personal details had been exposed by a misconfigured ElasticSearch database. This is ...
Cybercriminal credit card stores: Is Brian out of the club?
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Too Much Information: The Sequel | New Research
There are now 750 million more files exposed than we reported last year; not all of them are blatantly sensitive, but there is plenty of gold in these mountains.
Domain Squatting: The Phisher-man’s Friend
Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.
Dark Web Monitoring: The Good, The Bad, and The Ugly
Gaining access to dark web and deep web sources can be extremely powerful – if you focus on relevant use cases. The most successful strategies we observe have clear requirements, such as fraud detecti
Two-Factor in Review
A technical assessment of the most popular mitigation for account takeover attacks
Detecting Infrastructure Weaknesses - Open Ports | Case Study