A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers and it is worthwhile to pay careful attention to the adversary tradecraft that was used and how it can be defended against. For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment: https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/
Other content in this Stream
The nature of the services offered by technology companies means they often collect sensitive customer data and supply critical communication infrastructure to their clients.
The cyber-extortion landscape has shown real signs of strength and advancement in the past three months...
Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the week. This includes both the NSA CVE and Citrix CVE. The team...
The digital economy has multiplied the number of suppliers that organizations work and interact with. Using a supplier can ...
On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix ...
This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.
There are now 750 million more files exposed than we reported last year; not all of them are blatantly sensitive, but there is plenty of gold in these mountains.
Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.
We took a deep-dive into the cybercriminal underground to investigate the persistence of forums, uncovering several reasons they remain attractive amid appealing alternatives.
In this blog, we discuss several significant trends and events that have helped shape the cyber threat landscape, all of which will almost certainly continue through 2020.
Our team of researchers recently dug into the different popular dark web marketplaces to understand which marketplaces are gaining the most traction and what is being sold on these cybercriminal platf
Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...
The survival of the cybercriminal forum in the face of new, more secure technologies and constant pressure from law enforcement does not come as a surprise to researchers at Digital Shadows.
Part 2 looks at cybercriminal forum users’ resistance to moving away from the forum model.
This blog seeks to rebalance intelligence tradecraft discussions by highlighting some of the less glamorous everyday sources of bias that are too often overlooked.
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
