See how one global retailer detected almost 2,000 domains impersonating their brand.
Other content in this Stream
Phishing Protection
Discover attackers impersonating your domains, social accounts, people, and mobile applications.
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Combatting Domain-Centric Fraud: Why Mimecast is partnering with Digital Shadows
The Digital Shadows service continually identifies when new potentially impersonating domains emerge, and provides a risk score based on contextual information such as whether the domain is hosting...
10:00Typosquatting and the 2020 U.S. Presidential election
Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
Mimecast and Digital Shadows Integration
Digital Shadows integrates with Mimecast email security to proactively protect your employees from known domains posing a phishing risk, reducing the likelihood of successful phishing attacks.
Dark Web Typosquatting: Scammers v. Tor
Time and time again, we see how the cybercriminal ecosystem often mirrors what happens in the business world. This can ...
Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.
Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability
Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version of Chopped). Then we dig into the hot topics of the week.
Weekly Intelligence Summary 10 Oct - 17 Oct 2019
In the spotlight this week is the “Simjacker” exploit, publicly disclosed in September 2019 and now potentially affecting entities across 29 countries.
ANU Breach Report: Mapping to Mitre ATT&CK Framework
We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:
5 Ways Cybercriminals Can Access Your Emails Without Phishing
Here are 5 ways that cybercriminals gain access to emails without conducting a phishing campaign or network intrusion.
Phishing Site Impersonates Financial Services Institution
If the infamous bank robber, Willie Sutton, were alive today and honed his cyber skills, he might turn his attention ...
Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It
We cover a range of the different techniques attackers of all persuasions (whether sophisticated nation state or low-level hacker) choose when performing their phishing campaigns.
Weekly Intelligence Summary 03 Oct - 10 Oct 2019
In the spotlight this week is the Iran-linked threat group “APT35”, which took aim at the email accounts of political entities in the United States and prominent Iranians living outside Iran.
Iran-Linked APT35, Skimming By Magecart 4, Rancour, And Emotet Resurgence
We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top stories. - APT35 Targets Email of US political figures & prominent Iranians -...
Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction
How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.
Texas Ransomware Outbreaks And Phishing Attacks Using Custom 404 Pages
Charles Ragland (a brand new ShadowTalk-er!) and Christian Rencken join Harrison this week to discuss an outbreak of ransomware attacks impacting local government entities across Texas. The team...
Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor
Since Facebook’s announcement on June 18, there has been a gold rush, with people scrambling to register a myriad of domain permutations that infringe on the new trademarks. These have ranged from see
Detecting Fake Social Media Profiles | Case Study
See how a bank removed a spoof social media profiles targeting customers.
Automating 2FA phishing and post-phishing looting with Muraena and Necrobrowser