Threat Intelligence

Understand threat actors, their behavior, and the assets they target.

Threat Intelligence: A Deep Dive

Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Weekly Intelligence Summary 17 Jan 2020

The cyber-extortion landscape has shown real signs of strength and advancement in the past three months...
- Facebook
- Twitter
- Email
- LinkedIn
Read Report
Threat Intelligence

Understand threat actors, their behavior, and the assets they target.
- Facebook
- Twitter
- Email
- LinkedIn
Read Report
Top Threat Intelligence Podcasts to Add to Your Playlist

Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research team shares their top tracks.
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Heard our ShadowTalk Threat Intelligence Podcast?
Subscribe Here!
NSA Vulnerability Disclosure, Ransomware News, And Iran Updates

Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the week. This includes both the NSA CVE and Citrix CVE. The team...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

We will use the Essential 8 as part of our toolkit in thinking about how to mitigate against the TTPs used by these APT groups.
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Iranian Cyber Threats: Practical Advice for Security Professionals

Unless you went very dark for an extended holiday break, you are no doubt very well aware of the United ...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Iranian Cyber Threats: Practical Advice From CISO Rick Holland

Rick Holland (CISO at Digital Shadows) joins Harrison to share his thoughts on the Iranian cyber threat and what it means for cyber defenders. What should security practitioners be concerned...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Third Party Risk: 4 ways to manage your security ecosystem

The digital economy has multiplied the number of suppliers that organizations work and interact with. Using a supplier can ...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
NSA Vulnerability Disclosure: Pros and Cons

On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix ...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
CVE-2019-19781: Analyzing the Exploit

On December 17th 2019, CVE-2019-19781 was disclosed. The vulnerability allows for directory traversal and remote code execution on Citrix ...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Cryptonite: Ransomware’s answer to Superman…

A new ransomware-as-a-service (RaaS) platform called Cryptonite plans to not only bring ransomware to the masses, but has the added benefit of reportedly being fully undetectable, requiring minimal...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Iranian Cyber Threats, Travelex Ransomware Attack, And Exploit Forum Updates

Viktoria hosts this week and introduces the episode bringing Sammy on to provide some regional insight and context around the Iranian cyber threat and discusses whether a cyber response is likely.
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
19:50
Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and Essential 8

Rick Holland and Richard Gold talk through the team's research into Iranian APT groups' tradecraft styles using Mitre ATT&CK™ and the ASD Essential 8.
- Facebook
- Twitter
- Email
- LinkedIn
Watch Video
Iran and Soleimani: Monitoring the Situation

We focus on the cyber-related fallout from the situation, and ways that they may or may not impact our clients. We will continue to update this blog as related events unfold.
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
28:12
Iranian Cyber Threats: Practical Advice for Security Professionals

Rick Holland and Harrison Van Riper sit down to walk through Rick's latest blog on advice around the Iranian cyber threats.
- Facebook
- Twitter
- Email
- LinkedIn
Watch Video
The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

While it may be challenging to assess what went wrong for market[.]ms conclusively, this blog examines some potential reasons behind its demise, as well as looking at the extraordinary professionalism
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, And 2020 Predictions

CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers: - Ring Doorbell security - New Orleans victim of Ryuk Ransomware -...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

In this blog, we discuss several significant trends and events that have helped shape the cyber threat landscape, all of which will almost certainly continue through 2020.
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories

Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...
- Facebook
- Twitter
- Email
- LinkedIn
Read Post
Loading More...

Threat Intelligence

Threat Intelligence: A Deep Dive

Welcome to our deep dive on threat intelligence: intended to help security professionals embarking on creating and building a ...

Weekly Intelligence Summary 17 Jan 2020

The cyber-extortion landscape has shown real signs of strength and advancement in the past three months...

Threat Intelligence

Understand threat actors, their behavior, and the assets they target.

Top Threat Intelligence Podcasts to Add to Your Playlist

Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research team shares their top tracks.

NSA Vulnerability Disclosure, Ransomware News, And Iran Updates

Kacey, Charles, Alex, and Harrison host this week’s threat intelligence update from Dallas. We kick off with vulnerabilities from the week. This includes both the NSA CVE and Citrix CVE. The team...

Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and the ASD Essential 8

We will use the Essential 8 as part of our toolkit in thinking about how to mitigate against the TTPs used by these APT groups.

Iranian Cyber Threats: Practical Advice for Security Professionals

Unless you went very dark for an extended holiday break, you are no doubt very well aware of the United ...

Iranian Cyber Threats: Practical Advice From CISO Rick Holland

Rick Holland (CISO at Digital Shadows) joins Harrison to share his thoughts on the Iranian cyber threat and what it means for cyber defenders. What should security practitioners be concerned...

Third Party Risk: 4 ways to manage your security ecosystem

The digital economy has multiplied the number of suppliers that organizations work and interact with. Using a supplier can ...

NSA Vulnerability Disclosure: Pros and Cons

On Monday, January 13th, Brian Krebs reported that Microsoft would be releasing “a software update on Tuesday to fix ...

CVE-2019-19781: Analyzing the Exploit

On December 17th 2019, CVE-2019-19781 was disclosed. The vulnerability allows for directory traversal and remote code execution on Citrix ...

Cryptonite: Ransomware’s answer to Superman…

A new ransomware-as-a-service (RaaS) platform called Cryptonite plans to not only bring ransomware to the masses, but has the added benefit of reportedly being fully undetectable, requiring minimal...

Iranian Cyber Threats, Travelex Ransomware Attack, And Exploit Forum Updates

Viktoria hosts this week and introduces the episode bringing Sammy on to provide some regional insight and context around the Iranian cyber threat and discusses whether a cyber response is likely.

Iranian APT Groups’ Tradecraft Styles: Using Mitre ATT&CK™ and Essential 8

Rick Holland and Richard Gold talk through the team's research into Iranian APT groups' tradecraft styles using Mitre ATT&CK™ and the ASD Essential 8.

Iran and Soleimani: Monitoring the Situation

We focus on the cyber-related fallout from the situation, and ways that they may or may not impact our clients. We will continue to update this blog as related events unfold.

Iranian Cyber Threats: Practical Advice for Security Professionals

Rick Holland and Harrison Van Riper sit down to walk through Rick's latest blog on advice around the Iranian cyber threats.

The Closure of Market.ms: A Cybercriminal Marketplace Ahead of Its Time

While it may be challenging to assess what went wrong for market[.]ms conclusively, this blog examines some potential reasons behind its demise, as well as looking at the extraordinary professionalism

Jingle Bell Ryuk: NOLA Ransomware, Ring Doorbells, And 2020 Predictions

CISO Rick Holland joins our ShadowTalk hosts (Viktoria, Alex, and Harrison) for our holiday special! This week the team covers: - Ring Doorbell security - New Orleans victim of Ryuk Ransomware -...

2020 Cybersecurity Forecasts: 5 trends and predictions for the new year

In this blog, we discuss several significant trends and events that have helped shape the cyber threat landscape, all of which will almost certainly continue through 2020.

Tochka Dark Web Market Offline, Market.ms Closes, And Data Leakage Stories

Alex, Harrison, Kacey, and Charles chat this week on some dark web and cybercriminal updates, data leakage stories that have hit the news, plus a GDPR story where an ISP was hit with a €9.6...