The Photon Research Team have used the MITRE ATT&CK™ framework to map the tactics, techniques, and procedures detailed in the indictment and provide key lessons for organizations to take away. Additional on the tooling used for the SamSam ransomware attacks are available in the Avoiding the Shakedown section of our “A Tale of Epic Extortions” research report.The Photon Research Team have used the MITRE ATT&CK™ framework to map the tactics, techniques, and procedures detailed in the indictment and provide key lessons for organizations to take away. Additional on the tooling used for the SamSam ransomware attacks are available in the Avoiding the Shakedown section of our “A Tale of Epic Extortions” research report
Photon Research Team Shines Light On Digital Risks
I’m very excited to announce the launch of the Digital Shadows’ Photon Research Team. We have decided to bo...
Other content in this Stream
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Digital Shadows Photon Research Team
Photon is Digital Shadows’ external facing security research team, comprised of security researchers, security practitioners and intelligence analysts. Photon is dedicated to researching trends in the
Cybercriminal credit card stores: Is Brian out of the club?
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach
This week the London team looks at the following stories: - BlueKeep Exploit Could Rapidly Spread - Megacortex Ransomware Changes Windows Passwords - Japanese Media Company Nikkei - $29 million...
Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums
We’re all familiar with forums and marketplaces (we use them in our daily lives – think Reddit, eBay, or Amazon, for example), but what exactly is an AVC? What do they look like?
Your Cyber Security Career – Press start to begin
October was Cyber Security Awareness month, and as a follow-up, I thought it would be good to talk about careers in Information (or Cyber) Security.
7.5M Adobe Creative Cloud User Records Exposed, City Of Joburg Ransomware Attack, and APT28 Updates
Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of aboutt 7.5 million Adobe Creative Cloud...
Weekly Intelligence Summary 31 Oct - 07 Nov 2019
A string of data breach incidents affecting perceptively smaller organizations this week has outlined the need for all companies, regardless of size, to take a proactive security stance in preference
WiFi Security: Dispelling myths of using public networks
In this blog we are going to review where this view of dangerous public WiFi networks came from, how close it comes to reality, and how to actually protect yourself from the real dangers which can occ
Singapore Cyber Threat Landscape Updates 1H 2019
Adam Cook, Philip Doherty, and Xueyin Peh join Viktoria Austin for a special ShadowTalk episode around the Singapore Cyber Threat Landscape. The team looks at the heightened threat level for...
Honeypots: Tracking Attacks Against Misconfigured or Exposed Services
Honeypots can be useful tools for gathering information on current attack techniques. Conversely, they can be an overwhelming source of ...
Typosquatting and the 2020 U.S. Presidential election
Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
Typosquatting and the 2020 U.S. Election, Honeypots, And Sudo Vulnerability
Kacey, Charles, Harrison, and Alex kick off this week’s episode talking about our Fall Dallas team event (an amateur version of Chopped). Then we dig into the hot topics of the week.
ANU Breach Report: Mapping to Mitre ATT&CK Framework
We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:
Iran-Linked APT35, Skimming By Magecart 4, Rancour, And Emotet Resurgence
We’re back in London this week! Viktoria chats with Adam Cook, Philip Doherty, and Josh Poole on this week’s top stories. - APT35 Targets Email of US political figures & prominent Iranians -...
Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction
How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.
Top Threat Intelligence Podcasts to Add to Your Playlist
Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research team shares their top tracks.
Two-Factor in Review
A technical assessment of the most popular mitigation for account takeover attacks
The Tyurin Indictment- Mapping To The Mitre ATT&CK™ Framework
Director of Security Engineering, Richard Gold, joins Viktoria Austin in this special episode of ShadowTalk to look at the attacker goals, their TTPs, and map this to the Mitre PRE-ATT&CK and...
Domain Squatting: The Phisher-man’s Friend