A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers and it is worthwhile to pay careful attention to the adversary tradecraft that was used and how it can be defended against. For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment: https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/
Other content in this Stream
The nature of the services offered by technology companies means they often collect sensitive customer data and supply critical communication infrastructure to their clients.
Digital Shadows has been able to analyse a series of these bomb threat emails. In this blog, we provide six things we know so far.
We cover a range of the different techniques attackers of all persuasions (whether sophisticated nation state or low-level hacker) choose when performing their phishing campaigns.
For this blog, we looked at trends and events that have shaped the digital risk landscape this year and how they might play out in 2019.
30:01Hear from Neal Humphrey of ThreatQuotient and Brian Roy of Digital Shadows who will explain how to use tailored threat intelligence from the open, deep, and dark web to identify risks, gain context ab
Rick Holland and Harrison Van Riper join Michael Marriott to discuss the implications of the Marriott data breach, as well as a look forward to trends we might see in 2019. Specifically, we dig...
59:01The dark web continues to pose extremely dangerous threats as cyber criminals coordinate attacks and trade intelligence about your enterprise. Join us for us for an informative session on the 7 most p
Simon Hall and Richard Gold join Rafael Amado to wade in on the topic of phishing. By looking at details revealed in law enforcement indictments against nation state and organized criminal groups,...
Australian Signals Directorate Essential 8 The Australian Signals Directorate (ASD) has published what it calls the “Essential 8”: a set ...
With every year that passes, Black Friday seems to morph into a creation its original proponents could not have even ...
Back in September we released a blog about the large volume of sextortion email campaigns that were hitting people’s inboxes. ...
We took our recent work on the Mitre ATT&CK framework and various indictments of cyber criminals and nation state actors and mapped them to the Essential 8 framework.
In this research, Digital Shadows outlines the declining barriers to entry for this type of fraud. Check out our key findings.
The findings of this joint research between Digital Shadows and Onapsis shed light into how nation-state actors, cybercriminals and hacktivist groups are actively attacking these applications and what
Digital Shadows helped an IT manager of a large technology company discover a significant amount of their source code - including their credentials for their administrator - on a public site.
Harrison Van Riper and Rafael Amado join Michael Marriott to discuss the latest stories from the week. This week’s podcast has a strong Guy Richie flavor, with a focus on lock, stock and ru...
1:03:52Hear this informative session on mitigating risks from the dark web and best practices in data loss prevention.
When selecting the optimal CTI solution for your organization, buyers should use CARTER as a guide to assess threat intelligence providers across six critical categories.
49:02