Most organizations have evolved to embrace the API economy and utilize multiple vendors and systems for the delivery of their products and services. Whenever you utilize a vendor, that requires data, systems or network access, their attack surface poses a threat to your data. Learn how complex enterprises rely on third party systems, networks and service providers and the associated steps they take to protect data.
Other content in this Stream
This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.
Dallas is sound effects and all this week with Kacey, Charles, Alex, and Harrison. The team discusses their recent OSINT workshop at BSidesDFW and how you can access the training materials, plus...
Multiple reports of successful ransomware attacks have highlighted the risk to organizations of all sizes but, despite the media attention, other extortion tactics are being overlooked.
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
If an attacker had all my credit card information, would this 2FA solution prevent it from being used illegitimately?
The Digital Shadows service continually identifies when new potentially impersonating domains emerge, and provides a risk score based on contextual information such as whether the domain is hosting...
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
Digital Shadows integrates with Mimecast email security to proactively protect your employees from known domains posing a phishing risk, reducing the likelihood of successful phishing attacks.
We’re all familiar with forums and marketplaces (we use them in our daily lives – think Reddit, eBay, or Amazon, for example), but what exactly is an AVC? What do they look like?
Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of aboutt 7.5 million Adobe Creative Cloud...
In this blog we are going to review where this view of dangerous public WiFi networks came from, how close it comes to reality, and how to actually protect yourself from the real dangers which can occ
10:00Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
One of the most interesting aspects of transitioning from high school history teacher to cyber threat intelligence professional is the ...
Honeypots can be useful tools for gathering information on current attack techniques. Conversely, they can be an overwhelming source of ...
Gaining access to dark web and deep web sources can be extremely powerful – if you focus on relevant use cases. The most successful strategies we observe have clear requirements, such as fraud detecti
Since founding the company in 2011, we’ve had some memorable milestones: from the first release of SearchLight in 2014, to ...
How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.
Last week, we learned that millions of Ecuadorian’s personal details had been exposed by a misconfigured ElasticSearch database. This is ...
