A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers and it is worthwhile to pay careful attention to the adversary tradecraft that was used and how it can be defended against. For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment: https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/
Too Much Information Misconfigured FTP, SMB, Rsync, and S3 Buckets Exposing 1.5 Billion Files
Digital Shadows finds 1.5 billion business and consumer files exposed online – just one month before busine...
Error - something went wrong!
Other content in this Stream
Top Cyber Threats to the Technology Sector
The nature of the services offered by technology companies means they often collect sensitive customer data and supply critical communication infrastructure to their clients.
A Practical Guide to Reducing Digital Risk
This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.
Digital Risk: The C-Suite's Critical Missing Part of Overall Risk
In this report, you will learn the emergence of Digital Risk Protection, a framework for protecting against Digital Risks, questions the C-Suite should be asking.
Security Practitioner’s Guide to Email Spoofing and Risk Reduction
In our previous extended blog, Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It, we ...
Weekly Intelligence Summary: Ep 4
This week, Alex Guirakhoo and Jamie Collier join Harrison to discuss APT39, a new Iran-linked espionage group, as well as other highlights from this week involving updated information about...
FBI Cyber Squad: Surging Cyber Threats to Watch in 2019 - Recorded Webinar
Hear firsthand from FBI Cyber Squad Supervisory Special Agent, Elvis Chan on the cyber threats that you’re most likely to encounter in 2019. You’ll also hear from Harrison Van Riper on cyber threat tr
Digital Risk Protection 2018 Forrester New Wave
Digital Shadows Named a "Leader" in 2018 Forrester New Wave for Digital Risk Protection
Detecting Infrastructure Weaknesses - Open Ports
See how a technology company prevented a possible ransomware infection.
Powering Investigations with Nuix Software: The Case of thedarkoverlord and the 9/11 Files
The Panama Papers in 2016 highlighted the challenges facing investigators dealing with large document leaks. With over 11.5 million documents ...
Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It
We cover a range of the different techniques attackers of all persuasions (whether sophisticated nation state or low-level hacker) choose when performing their phishing campaigns.
Sextortion 2.0: A New Lure
Back in September we released a blog about the large volume of sextortion email campaigns that were hitting people’s inboxes. ...
2019 Cyber Security Forecasts: Six Things on the Horizon
For this blog, we looked at trends and events that have shaped the digital risk landscape this year and how they might play out in 2019.
How to Leverage Threat Intelligence to Protect Against Digital Risks
Hear from Neal Humphrey of ThreatQuotient and Brian Roy of Digital Shadows who will explain how to use tailored threat intelligence from the open, deep, and dark web to identify risks, gain context ab
Mitigating the Top 7 Dark Web Threats to Your Enterprise
The dark web continues to pose extremely dangerous threats as cyber criminals coordinate attacks and trade intelligence about your enterprise. Join us for us for an informative session on the 7 most p
Mapping the ASD Essential 8 to the Mitre ATT&CK™ framework
Australian Signals Directorate Essential 8 The Australian Signals Directorate (ASD) has published what it calls the “Essential 8”: a set ...
Black Friday and Cybercrime: Retail’s Frankenstein Monster
With every year that passes, Black Friday seems to morph into a creation its original proponents could not have even ...
Infographic: Mapping the ASD Essential 8 to the Mitre ATTCK framework
We took our recent work on the Mitre ATT&CK framework and various indictments of cyber criminals and nation state actors and mapped them to the Essential 8 framework.
Cybercriminals on the Outlook for Your Emails
In this research, Digital Shadows outlines the declining barriers to entry for this type of fraud. Check out our key findings.
ERP Applications Under Fire
The findings of this joint research between Digital Shadows and Onapsis shed light into how nation-state actors, cybercriminals and hacktivist groups are actively attacking these applications and what
Source Code and Admin Password Shared on Public Site by Developer