Photon Research Team

Photon is Digital Shadows’ external facing security research team, comprised of security researchers, security practitioners and intelligence analysts. Photon is dedicated to researching trends in the threats organizations face from cyber criminals and accidental data exposure.

  • Year in Review: COVID-19 Concerns for Cybersecurity

    Year in Review: COVID-19 Concerns for Cybersecurity

    Note: This blog is a follow-up on our remote worker series on navigating security as organizations continue to work from ...

    Read Post

  • Operationalizing Cyber Threat Intelligence with SearchLight

    On-demand Webinar

    Watch Here
  • Initial Access Brokers Report

    Initial Access Brokers Report

    Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Access Brokers Report analyzes this phenomenon and what it means for security practitioners.

    Read Report

  • Follow us on Twitter (@photon_research)

    Follow Us
  • Weekly: Photon Team Talks BeagleBoys, DarkSide, and DeathStalker, oh my!

    Weekly: Photon Team Talks BeagleBoys, DarkSide, and DeathStalker, oh my!

    ShadowTalk hosts Kacey, Alec, Charles, and Rick bring you the latest in threat intel.

    Read Post
  • Special: Guest Geoff White Talks Best-Selling Book Crime Dot Com

    Special: Guest Geoff White Talks Best-Selling Book Crime Dot Com

    ShadowTalk hosts Viktoria and James talk to special guest Geoff about his best selling book Crime Dot Com.

    Read Post
  • Weekly: Garmin ransomware attack, QSnatch malware, and ShinyHunters Stage 2

    Weekly: Garmin ransomware attack, QSnatch malware, and ShinyHunters Stage 2

    This week it’s a full house with ShadowTalk hosts Alex, Kacey, Charles, Alec and Rick.

    Read Post

  • Heard our ShadowTalk Threat Intelligence Podcast?

    Subscribe Here!

  • Resources for Your Team during the Coronavirus Pandemic

    Take Me There
  • From Exposure to Takeover: The 15 billion stolen credentials allowing account takeover

    From Exposure to Takeover: The 15 billion stolen credentials allowing account takeover

    Over the past 2.5 years, we have been analyzing how cybercriminals conspire to prey upon users of online services by “taking over” the accounts they all use...

    Read Report
  • Weekly: Trickbot trojan mishaps, Emotet resurgence, Twitter takeovers, and APT group updates

    Weekly: Trickbot trojan mishaps, Emotet resurgence, Twitter takeovers, and APT group updates

    This week’s ShadowTalk hosts Adam, Demi, Stefano and Kim discuss the latest threat intelligence stories.

    Read Post
  • Webinar: Account Takeover: Data Findings, Popular Tools, and Prevalent Actors0:00

    Webinar: Account Takeover: Data Findings, Popular Tools, and Prevalent Actors

    Join the Photon team to learn about our latest research on account takeover.

    Watch Video

  • Ransomware Round-Up: On-demand Webinar

    Watch Here
  • Weekly: Twitter takeovers, Data Viper breached by NightLion, and a look at CryptBB

    Weekly: Twitter takeovers, Data Viper breached by NightLion, and a look at CryptBB

    This week’s ShadowTalk hosts Alex, Kacey, and Alec discuss the latest threat intelligence stories.

    Read Post
  • Weekly: PAN-OS Vulnerability, Lazarus Group, BEC scammer “Hushpuppi”, and New Photon ATO Research

    Weekly: PAN-OS Vulnerability, Lazarus Group, BEC scammer “Hushpuppi”, and New Photon ATO Research

    Digital Shadows team Viktoria, Demelza, Adam and Stefano host this week's podcast.

    Read Post

  • Check out our Weekly Intelligence Summary

    Access Here
  • SPECIAL: Guest Speaker Tom Schmitt Talks About His Origins in Cyber Threat Intel and TITO

    SPECIAL: Guest Speaker Tom Schmitt Talks About His Origins in Cyber Threat Intel and TITO

    CISO Rick Holland and Host Alex Guirakhoo chat with this week's special guest Tom Schmitt, Global Director of Threat Intelligence at Anheuser-Busch InBev.

    Read Post
  • Weekly: Torigon, Nulledflix, and BlueLeaks, Plus DevSecOps Insights From DS CISO Rick

    Weekly: Torigon, Nulledflix, and BlueLeaks, Plus DevSecOps Insights From DS CISO Rick

    Alex, Kacey, Charles and Rick host this week’s ShadowTalk to bring you the latest threat intelligence stories.

    Read Post
  • Dark Web Digest: Gaining Valuable Threat Intel from Cybercriminal Forums29:51

    Dark Web Digest: Gaining Valuable Threat Intel from Cybercriminal Forums

    In this webinar, Alex and Kacey cover dark web trends that we have recently observed, the risk impact associated with cybercriminal behaviors, and mitigation strategies for your organization.

    Watch Video
  • WEEKLY: Lookback Operators Deploy New Malware Against US Utilities Sector And Honda Cyber Attack

    WEEKLY: Lookback Operators Deploy New Malware Against US Utilities Sector And Honda Cyber Attack

    Demelza, Viktoria, Adam, and Stefano host this week’s ShadowTalk to bring you the latest threat intelligence stories from the week.

    Read Post
  • New DDoS protection tool advertised on the dark web

    New DDoS protection tool advertised on the dark web

    This blog examines a newly launched DDoS protection filter mechanism dubbed EndGame advertised last week on the dark web community ...

    Read Post
  • WEEKLY: Maze Ransomware Alliance, EndGame DDoS Protection Tool, And Ransomware Disguises

    WEEKLY: Maze Ransomware Alliance, EndGame DDoS Protection Tool, And Ransomware Disguises

    Alex is joined by Kacey and Charles this week to chat through the top threat intel stories of the week. This week’s highlights include Zorab Ransomware Disguised as STOP Djvu Ransomware...

    Read Post
  • CISA and FBI alert: Top vulnerabilities exploited from 2016-2019 and trends from 2020

    CISA and FBI alert: Top vulnerabilities exploited from 2016-2019 and trends from 2020

    A couple of weeks ago, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation ...

    Read Post
  • WEEKLY: Hacktivist Group Chooses Destruction Over Profit w/ Ransomware and Collection 1 Hacker Identified

    WEEKLY: Hacktivist Group Chooses Destruction Over Profit w/ Ransomware and Collection 1 Hacker Identified

    Pietro, Viktoria, Adam, and Demelza cover this week’s top threat intelligence stories, including a Hacktivist group choosing destruction over profit with ransomware.

    Read Post
  • Threat Model of a Remote Worker [Recorded Webinar]56:31

    Threat Model of a Remote Worker [Recorded Webinar]

    Though the remote-work landscape has been steadily moving forward over the past decade, COVID-19 has forced many organizations to accelerate their plans or create them on the fly. Digital Shadows has

    Watch Video
  • The 2020 Verizon Data Breach Investigations Report: One CISO’s View

    The 2020 Verizon Data Breach Investigations Report: One CISO’s View

    Sadly, Marvel’s Black Widow release date was pushed back as a result of COVID19, but thankfully the 2020 Verizon Data ...

    Read Post
  • loading
    Loading More...