Advanced persistent threat group feature: Mustang Panda
Advanced persistent threat (APT) groups are often tricky to wrap your head around. By their nature, state-associated groups are well-resourced ...
Five years after the WannaCry dumpster fire, ransomware remains a global threat
It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held ...
Weekly: The Return of REvil, China APT Activity, Russia-Ukraine RoundUp
ShadowTalk host Chris alongside Ivan and Nicole bring you the latest in threat intelligence. This week they cover:
* REvil ransomware returns with new malware
* Moshen Dragon targeting...
ALPHV: The First Rust-Based Ransomware
In late 2021, we observed a new ransomware operation named “ALPHV” (also known as BlackCat) emerge. The group operates as ...
Colonial Pipeline One Year Later: What’s Changed?
For the first half of 2021, ransomware groups looked unstoppable. Ransomware gangs were adding victim after victim on their dark ...
The Russia – Ukraine war: Two months in
The two-month mark of the Russia and Ukraine war has passed, with Russia almost certainly having failed to meet its ...
Opportunity in the midst of chaos: Russian-speaking cybercriminals grapple with sanctions and forum takedowns
As a threat intelligence professional, it’s difficult to ignore how major developments in the real world affect the lives of ...
The Power Of Data Analysis In Threat Intelligence – Part 2: Machine Learning
This blog is the second part of our Data Analysis in Threat Intelligence series, where we focus on the tools ...
What We’re Reading This Month: April 2022
As an intelligence analyst, it’s paramount to stay on top of what’s happening in the world around you. To inform ...
The role of Non-Fungible Tokens (NFTs) in facilitating cybercrime
You’d have to have been living under a rock to have avoided the excitement surrounding Non-Fungible-Tokens (NFTs) in the last ...
Weekly: Cybercriminal Forums Go Down & Cyber Activity in the Russia-Ukraine War Go Up
ShadowTalk host Stefano alongside Rory bring you the latest in threat intelligence. This week they cover:
* 'RaidForums' has been shut down and seized
* SandWorm targets electrical substations in...
Q1 2022 Vulnerability Roundup
In the first quarter of 2022, several high-severity vulnerabilities were targeted by threat actors to facilitate malicious campaigns. The first ...
Q1 2022 Ransomware Roundup
As the new year has reached the end of its first quarter, it’s time for us to go back and ...
Intelligence Collection Plans: Preparation breeds success
It’s been a little over a month since I wrote about how intelligence requirements (IRs) can help plan a cyber ...
Team A vs Team B: What is Motivating Lapsus$?
In the past few weeks, the Lapsus$ threat group captured the security community’s attention with a series of brazen and ...
Five things we learned from the Conti chat logs
At the end of February, the cybersecurity community was rocked by the appearance of alleged chat logs recording conversations between ...
Special: Structured Analytical Techniques and Office Banter
ShadowTalk host Stefano alongside Chris and Rick bring you the latest on structured analytical techniques. This episode they cover:
* Why they use SATs in their intel team
* How they came up with...
Weekly: Q1 Review Including Russia-Ukraine War, REvil Arrests, Emergence of Lapsus$ & More!
ShadowTalk host Stefano alongside Kim, Xue, and Rick bring you the latest in threat intelligence. This week they cover:
* A recap of a highly dynamic quarter including:
* Log4j complex mitigation...
The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining
In 2020, there was an estimated 59 trillion gigabytes of data in the world. Most of which was created in ...
“Your rubles will only be good for lighting a fire”: Cybercriminals reel from impact of sanctions
Since Russia’s invasion of Ukraine in February, the Digital Shadows Photon team has been following multiple aspects of the tragic ...