Cybercriminals on the Outlook for Your Emails
In this research, Digital Shadows outlines the declining barriers to entry for this type of fraud. Check ou...
Error - something went wrong!
Other content in this Stream
Top Cyber Threats to the Legal Sector
Legal firms can be attractive targets for cybercriminals. This is especially true for those firms working on mergers and acquisitions, where they possess a lot of sensitive, non-public information.
Law Firm Uncovers Sensitive Executive Details Online
Digital Shadows helped a regional law firm discover key employee details exposed online for its Chief Counsel - including family names and home addresses.
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Digital Risk Protection: Forrester New Wave Report
Digital Shadows Named a "Leader" in 2018 Forrester New Wave for Digital Risk Protection
A Threat Intelligence Analyst’s Guide to Today’s Sources of Bias
This blog seeks to rebalance intelligence tradecraft discussions by highlighting some of the less glamorous everyday sources of bias that are too often overlooked.
The Modern Cybercriminal Forum
We took a deep-dive into the cybercriminal underground to investigate the persistence of forums, uncovering several reasons they remain attractive amid appealing alternatives.
Weekly Intelligence Summary 05 Dec - 12 Dec 2019
“Lazarus Group” has been linked to a new trojanized Mac OS X application, demonstrating the threat group’s preference for employing OS X malware over the past two years.
Breach! Exploring the Modern Digital Breach: Part 1
It seems like we read about new breaches every day. What’s changing? How is exposure and the adoption of digital technology changing the breach landscape? We have a special two-part series where Rick
Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories
Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...
Threat Intelligence: A Deep Dive
Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...
Forums are Forever – Part 2: Shaken, but not Stirred
Part 2 looks at cybercriminal forum users’ resistance to moving away from the forum model.
Forums are Forever – Part 1: Cybercrime Never Dies
The survival of the cybercriminal forum in the face of new, more secure technologies and constant pressure from law enforcement does not come as a surprise to researchers at Digital Shadows.
Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework
When the attacker, Andrei Tyurin, pleaded guilty, we thought we could look at the attacker goals, their TTPs and map this to the Mitre PRE-ATT&CK and ATT&CK framework.
Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums
We’re all familiar with forums and marketplaces (we use them in our daily lives – think Reddit, eBay, or Amazon, for example), but what exactly is an AVC? What do they look like?
Understanding the Consequences of Data Leakage through History
One of the most interesting aspects of transitioning from high school history teacher to cyber threat intelligence professional is the ...
Typosquatting and the 2020 U.S. Presidential election
Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
SecDevOps: Continued Database Exposures Point to Growing Challenges
Last week, we learned that millions of Ecuadorian’s personal details had been exposed by a misconfigured ElasticSearch database. This is ...
Two-Factor in Review
A technical assessment of the most popular mitigation for account takeover attacks
Detecting Exposed Credentials | Case Study
See how one large bank detected more than 50,000 exposed credentials in 1 year.
Too Much Information: The Sequel | New Research