Photon Research Team

Photon is Digital Shadows’ external facing security research team, comprised of security researchers, security practitioners and intelligence analysts. Photon is dedicated to researching trends in the threats organizations face from cyber criminals and accidental data exposure.

  • The Modern Cybercriminal Forum

    We took a deep-dive into the cybercriminal underground to investigate the persistence of forums, uncovering several reasons they remain attractive amid appealing alternatives.
  • Digital Shadows Photon Research Team (video, 2:55)
  • Citrix Vulnerability, Microsoft Data Breach, and Telnet Credentials Published

    Following on from last week, Citrix released a first set of patches to fix a vulnerability (CVE-2019-19781) affecting the company’s NetScaler ADC Application Delivery Controller and its Citrix...
  • Iranian Cyber Threats: Practical Advice for Security Professionals

    Unless you went very dark for an extended holiday break, you are no doubt very well aware of the United ...
  • NSA Vulnerability Disclosure, Ransomware News, And Iran Updates

    Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the week. This includes both the NSA CVE and Citrix CVE. The team...
  • NSA Vulnerability Disclosure: Pros and Cons

    On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix ...
  • CVE-2019-19781: Analyzing the Exploit

    On December 17th 2019, CVE-2019-19781 was disclosed. The vulnerability allows for directory traversal and remote code execution on Citrix ...
  • Cryptonite: Ransomware’s answer to Superman…

    A new ransomware-as-a-service (RaaS) platform called Cryptonite plans to not only bring ransomware to the masses, but has the added benefit of reportedly being fully undetectable, requiring minimal...
  • Iran and the United States – start of the long war or return to normal?

    There are useful precedents that can assist when we consider how this will unfold in the near-term future.
  • Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and Essential 8 (video, 19:50)

    Rick Holland and Richard Gold talk through the team's research into Iranian APT groups' tradecraft styles using Mitre ATT&CK™ and the ASD Essential 8.
  • Iran and Soleimani: Monitoring the Situation

    We focus on the cyber-related fallout from the situation, and ways that they may or may not impact our clients. We will continue to update this blog as related events unfold.
  • Iranian Cyber Threats: Practical Advice From CISO Rick Holland

    Rick Holland (CISO at Digital Shadows) joins Harrison to share his thoughts on the Iranian cyber threat and what it means for cyber defenders. What should security practitioners be concerned...
  • Iranian Cyber Threats: Practical Advice for Security Professionals (video, 28:12)

    Rick Holland and Harrison Van Riper sit down to walk through Rick's latest blog on advice around the Iranian cyber threats.
  • Iranian Cyber Threats, Travelex Ransomware Attack, And Exploit Forum Updates

    Viktoria hosts this week and introduces the episode bringing Sammy on to provide some regional insight and context around the Iranian cyber threat and discusses whether a cyber response is likely.
  • Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

    We will use the Essential 8 as part of our toolkit in thinking about how to mitigate against the TTPs used by these APT groups.
  • Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, And 2020 Predictions

    CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers: - Ring Doorbell security - New Orleans victim of Ryuk Ransomware -...
  • The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

    While it may be challenging to assess what went wrong for market[.]ms conclusively, this blog examines some potential reasons behind its demise, as well as looking at the extraordinary professionalism
  • 2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

    In this blog, we discuss several significant trends and events that have helped shape the cyber threat landscape, all of which will almost certainly continue through 2020.
  • Forums are Forever – Part 1: Cybercrime Never Dies

    The survival of the cybercriminal forum in the face of new, more secure technologies and constant pressure from law enforcement does not come as a surprise to researchers at Digital Shadows.
  • Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories

    Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...