A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers and it is worthwhile to pay careful attention to the adversary tradecraft that was used and how it can be defended against. For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment: https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/
Too Much Information Misconfigured FTP, SMB, Rsync, and S3 Buckets Exposing 1.5 Billion Files
Digital Shadows finds 1.5 billion business and consumer files exposed online – just one month before busine...
Error - something went wrong!
Other content in this Stream
Top Cyber Threats to the Technology Sector
The nature of the services offered by technology companies means they often collect sensitive customer data and supply critical communication infrastructure to their clients.
Nightmare Market In Disarray And SEC Investigation Into Data Leak At First American Financial Corp
Harrison is back! Alex and Christian join this week to discuss how Black Hat and DEFCON went last week, analyze the irregularities of the dark web criminal market, Nightmare, and explore the story...
Two-Factor in Review
A technical assessment of the most popular mitigation for account takeover attacks
Weekly Intelligence Summary 08 Aug - 15 Aug 2019
In the spotlight this week are details of ongoing sextortion campaigns which consistently use unsophisticated tactics and techniques to target users indiscriminately.
Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor
Since Facebook’s announcement on June 18, there has been a gold rush, with people scrambling to register a myriad of domain permutations that infringe on the new trademarks. These have ranged from see
Too Much Information: The Sequel | New Research
There are now 750 million more files exposed than we reported last year; not all of them are blatantly sensitive, but there is plenty of gold in these mountains.
A Practical Guide to Reducing Digital Risk
This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.
Detecting Spoof Domains - Domain Infringement | Case Study
See how one global retailer detected almost 2,000 domains impersonating their brand.
Best Practices Protecting Your Brand Online - Webinar Recording
Learn how to combat Online counterfeiting, Trademark infringement, Fake social media sites, Fraudulent websites, and Fake mobile apps. Check out this recorded webinar for more.
FBI IC3: Cybercrime Surges in 2018, Causing $2.7 Billion in Losses
This week, the Federal Bureau of Investigation released its 2018 Internet Crime Complaints Center (IC3). In 2018, the IC3 responded ...
A Tale of Epic Extortions - How Cybercriminals Monetize Our Online Exposure
Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.
Detecting Exposed Credentials | Case Study
See how one large bank detected more than 50,000 exposed credentials in 1 year.
Digital Risk: The C-Suite's Critical Missing Part of Overall Risk
In this report, you will learn the emergence of Digital Risk Protection, a framework for protecting against Digital Risks, questions the C-Suite should be asking.
Digital Risk Protection: Forrester New Wave Report
Digital Shadows Named a "Leader" in 2018 Forrester New Wave for Digital Risk Protection
Detecting Fake Social Media Profiles | Case Study
See how a bank removed a spoof social media profiles targeting customers.
FBI Cyber Squad: Surging Cyber Threats to Watch in 2019 - Recorded Webinar
Hear firsthand from FBI Cyber Squad Supervisory Special Agent, Elvis Chan on the cyber threats that you’re most likely to encounter in 2019. You’ll also hear from Harrison Van Riper on cyber threat tr
ISO27001 certification - Interview with CISO Rick Holland of Digital Shadows
CISO Rick Holland is interviewed around Digital Shadows' ISO27001 certification. This is an important compliance milestone for our customers.
Security Practitioner’s Guide to Email Spoofing and Risk Reduction
In our previous extended blog, Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It, we ...
Detecting Infrastructure Weaknesses - Open Ports | Case Study
See how a technology company prevented a possible ransomware infection.
Extortion Exposed: Sextortion, thedarkoverlord, and SamSam