This guide outlines what potential data sources, detection methods, context, and remediation actions to consider if you want to effectively monitor domains and mitigate the risk of data loss, exposed credentials, and negative reputational impacts.
Other content in this Stream
$1 for a cheap domain. $12.99 for 10m email contacts. Cybercriminals can launch phishing campaigns for under $20!
In this upcoming webinar, Harrison Van Riper and Alex Guirakhoo walk through the Ecosystem of Phishing. The team will cover New phishing data findings, How cybercriminals are crafting and distributing
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
The Digital Shadows service continually identifies when new potentially impersonating domains emerge, and provides a risk score based on contextual information such as whether the domain is hosting...
This blog will outline the top threats to brands we see online, and some of the best practices for protecting them.
Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
Digital Shadows integrates with Mimecast email security to proactively protect your employees from known domains posing a phishing risk, reducing the likelihood of successful phishing attacks.
Time and time again, we see how the cybercriminal ecosystem often mirrors what happens in the business world. This can ...
Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.
See how one global retailer detected almost 2,000 domains impersonating their brand.
Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version of Chopped). Then we dig into the hot topics of the week.
In the spotlight this week is the “Simjacker” exploit, publicly disclosed in September 2019 and now potentially affecting entities across 29 countries.
We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:
Here are 5 ways that cybercriminals gain access to emails without conducting a phishing campaign or network intrusion.
If the infamous bank robber, Willie Sutton, were alive today and honed his cyber skills, he might turn his attention ...
We cover a range of the different techniques attackers of all persuasions (whether sophisticated nation state or low-level hacker) choose when performing their phishing campaigns.
In the spotlight this week is the Iran-linked threat group “APT35”, which took aim at the email accounts of political entities in the United States and prominent Iranians living outside Iran.
We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top stories. - APT35 Targets Email of US political figures & prominent Iranians -...
How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.
Charles Ragland (a brand new ShadowTalk-er!) and Christian Rencken join Harrison this week to discuss an outbreak of ransomware attacks impacting local government entities across Texas. The team...