FIN7: Arrests and Developments
Three alleged members of FIN7 arrested. On August 1st, 2018, the US Department of Justice filed criminal cha...
Other content in this Stream
Understand threat actors, their behavior, and the assets they target.
Weekly Intelligence Summary 31 Oct - 07 Nov 2019
A string of data breach incidents affecting perceptively smaller organizations this week has outlined the need for all companies, regardless of size, to take a proactive security stance in preference
BlueKeep Attacks, Megacortex Ransomware, and Web.com Breach
This week the London team looks at the following stories: - BlueKeep Exploit Could Rapidly Spread - Megacortex Ransomware Changes Windows Passwords - Japanese Media Company Nikkei - $29 million...
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
We detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Cybercriminal credit card stores: Is Brian out of the club?
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
Top Threat Intelligence Podcasts to Add to Your Playlist
Looking for some new threat intelligence podcasts to add to your playlist? Look no further! Our Photon Threat Intelligence Research team shares their top tracks.
7.5M Adobe Creative Cloud User Records Exposed, City Of Joburg Ransomware Attack, and APT28 Updates
Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of about 7.5 million Adobe Creative Cloud...
Typosquatting and the 2020 U.S. Presidential election
Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
Understanding the Different Cybercriminal Platforms: AVCs, Marketplaces, and Forums
We’re all familiar with forums and marketplaces (we use them in our daily lives – think Reddit, eBay, or Amazon, for example), but what exactly is an AVC? What do they look like?
Threat Intelligence Time Management and Prioritization: An Interview with Xena Olsen
Rick Holland and Harrison Van Riper interview Xena Olsen in this episode of ShadowTalk. The team focus their discussion on how to get timely, but effective intelligence out the door.
NCSC Cyber Threat Trends Report: Analysis of Attacks Across UK Industries
The United Kingdom’s National Cyber Security Centre (NCSC) recently released their Incident trends report (October 2018 – April 2019) which ...
ANU Breach Report: Mapping to Mitre ATT&CK Framework
We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:
The Tyurin Indictment- Mapping To The Mitre ATT&CK™ Framework
Director of Security Engineering, Richard Gold, joins Viktoria Austin in this special episode of ShadowTalk to look at the attacker goals, their TTPs, and map this to the Mitre PRE-ATT&CK and...
Dark Web Overdrive: The Criminal Marketplace Understood Through Cyberpunk Fiction
How can the modern network of .onion marketplaces be understood through novels about a cyberpunk dystopia? The answer is in how dark web marketplaces grow and die.
Magecart Five Widens Attack Vectors, Targeting of Airbus Suppliers, & Tortoiseshell Developments
Coming to you from London this week, Jamie Collier, Philip Doherty, and Josh Poole join Viktoria Austin for our weekly threat intelligence updates. The team kicks off with a discussion around the...
Mapping the Tyurin Indictment to the Mitre ATT&CK™ framework
When the attacker, Andrei Tyurin, pleaded guilty, we thought we could look at the attacker goals, their TTPs and map this to the Mitre PRE-ATT&CK and ATT&CK framework.
WiFi Security: Dispelling myths of using public networks
In this blog we are going to review where this view of dangerous public WiFi networks came from, how close it comes to reality, and how to actually protect yourself from the real dangers which can occ
Domain Squatting: The Phisher-man’s Friend
Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.
Digital Risk Protection and Threat Intelligence: An Overview
Hear from co-founder of Digital Shadows, James Chappell, as he walks through the differences between Digital Risk Protection and Cyber Threat Intelligence. Resources Center: https://resources.digita
Dark Web Monitoring: The Good, The Bad, and The Ugly