A recent indictment revealed how the GRU (Russia’s military intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized its network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers, and it is worthwhile to pay careful attention to the adversary tradecraft that was used and how it can be defended against. For this blog we have used the MITRE ATT&CK™ framework as our methodology to play back the findings of the indictment: https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/