Photon Research Team

Photon is Digital Shadows’ external facing security research team, comprised of security researchers, security practitioners and intelligence analysts. Photon is dedicated to researching trends in the threats organizations face from cyber criminals and accidental data exposure.

  • Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground

    we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat

    Read Post
  • Digital Shadows Photon Research Team (2:55)

    Watch Video
  • Follow us on Twitter (@photon_research)

    Follow Us
  • Cybercriminal credit card stores: Is Brian out of the club?

    In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth

    Read Post
  • BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach

    This week the London team looks at the following stories: - BlueKeep Exploit Could Rapidly Spread - Megacortex Ransomware Changes Windows Passwords - Japanese Media Company Nikkei - $29 million...

    Read Post
  • Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums

    We’re all familiar with forums and marketplaces (we use them in our daily lives – think Reddit, eBay, or Amazon, for example), but what exactly is an AVC? What do they look like?

    Read Post
  • Heard our ShadowTalk Threat Intelligence Podcast?

    Subscribe Here!
  • Your Cyber Security Career – Press start to begin

    October was Cyber Security Awareness month, and as a follow-up, I thought it would be good to talk about careers in Information (or Cyber) Security.

    Read Post
  • 7.5M Adobe Creative Cloud User Records Exposed, City Of Joburg Ransomware Attack, and APT28 Updates

    Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of about 7.5 million Adobe Creative Cloud...

    Read Post
  • Weekly Intelligence Summary 31 Oct - 07 Nov 2019

    A string of data breach incidents affecting perceptively smaller organizations this week has outlined the need for all companies, regardless of size, to take a proactive security stance in preference

    Read Report
  • WiFi Security: Dispelling myths of using public networks

    In this blog we are going to review where this view of dangerous public WiFi networks came from, how close it comes to reality, and how to actually protect yourself from the real dangers which can occ

    Read Post
  • Singapore Cyber Threat Landscape Updates 1H 2019

    Adam Cook, Philip Doherty, and Xueyin Peh join Viktoria Austin for a special ShadowTalk episode around the Singapore Cyber Threat Landscape. The team looks at the heightened threat level for...

    Read Post
  • Check out our Weekly Intelligence Summary

    Access Here
  • Honeypots: Tracking Attacks Against Misconfigured or Exposed Services

    Honeypots can be useful tools for gathering information on current attack techniques. Conversely, they can be an overwhelming source of ...

    Read Post
  • Typosquatting and the 2020 U.S. Presidential election (10:00)

    Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains

    Watch Video
  • Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability

    Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version of Chopped). Then we dig into the hot topics of the week.

    Read Post
  • ANU Breach Report: Mapping to Mitre ATT&CK Framework

    We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:

    Read Post
  • Iran-Linked APT35, Skimming By Magecart 4, Rancour, And Emotet Resurgence

    We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top stories. - APT35 Targets Email of US political figures & prominent Iranians -...

    Read Post
  • Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction

    How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.

    Read Post
  • Top Threat Intelligence Podcasts to Add to Your Playlist

    Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research team shares their top tracks.

    Read Post
  • Two-Factor in Review

    A technical assessment of the most popular mitigation for account takeover attacks

    Read Report
  • The Tyurin Indictment- Mapping To The Mitre ATT&CK™ Framework

    Director of Security Engineering, Richard Gold, joins Viktoria Austin in this special episode of ShadowTalk to look at the attacker goals, their TTPs, and map this to the Mitre PRE-ATT&CK and...

    Read Post
  • Domain Squatting: The Phisher-man’s Friend

    Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.

    Read Post