A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers and it is worthwhile to pay careful attention to the adversary tradecraft that was used and how it can be defended against. For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment: https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/
Other content in this Stream
The nature of the services offered by technology companies means they often collect sensitive customer data and supply critical communication infrastructure to their clients.
This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.
Highlights from the week include: A new financially motivated threat actor advertised up to 841 million data records for sale on Dream Market; “APT-C-36” has targeted multiple Colombian sectors, inclu
Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.
In this report, you will learn the emergence of Digital Risk Protection, a framework for protecting against Digital Risks, questions the C-Suite should be asking.
In our previous extended blog, Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It, we ...
In our most recent research, A Tale of Epic Extortions, the Digital Shadows Photon Research Team approached the topic of ...
50:49Hear firsthand from FBI Cyber Squad Supervisory Special Agent, Elvis Chan on the cyber threats that you’re most likely to encounter in 2019. You’ll also hear from Harrison Van Riper on cyber threat tr
The Panama Papers in 2016 highlighted the challenges facing investigators dealing with large document leaks. With over 11.5 million documents ...
We cover a range of the different techniques attackers of all persuasions (whether sophisticated nation state or low-level hacker) choose when performing their phishing campaigns.
Back in September we released a blog about the large volume of sextortion email campaigns that were hitting people’s inboxes. ...
For this blog, we looked at trends and events that have shaped the digital risk landscape this year and how they might play out in 2019.
30:01Hear from Neal Humphrey of ThreatQuotient and Brian Roy of Digital Shadows who will explain how to use tailored threat intelligence from the open, deep, and dark web to identify risks, gain context ab
59:01The dark web continues to pose extremely dangerous threats as cyber criminals coordinate attacks and trade intelligence about your enterprise. Join us for us for an informative session on the 7 most p
Australian Signals Directorate Essential 8 The Australian Signals Directorate (ASD) has published what it calls the “Essential 8”: a set ...
With every year that passes, Black Friday seems to morph into a creation its original proponents could not have even ...
We took our recent work on the Mitre ATT&CK framework and various indictments of cyber criminals and nation state actors and mapped them to the Essential 8 framework.
