The FBI made digital copies of malicious web-shells before removing them from hundreds of vulnerable servers in the US, without any warning to affected organizations. The servers likely belong to private-sector companies that had been compromised via the “Proxylogon” Microsoft Exchange vulnerabilities. A court order issued by the US Department of Justice (DoJ) authorized the FBI to conduct the actions. Affected organizations were reportedly only contacted if the FBI could find contact details through the servers’ WHOIS records. The DoJ’s and FBI’s actions have raised concerns that extend to the companies’ privacy, proportionality and accountability, and the government’s role in combating cyber-threat events.
Other content in this Stream
ShadowTalk hosts Alec, Ivan, Sean, and Digital Shadows CISO, Rick, bring you the latest in threat intelligence.
Security researchers discovered two unrelated cyber-threat campaigns targeting Microsoft SharePoint.
This guide outlines best practices for cyber threat intelligence and features resources to leverage when developing or improving your organization's cyber threat intelligence capabilities.
ShadowTalk hosts Alec, Ivan, Charles, and newcomer, Sean, bring you the latest in threat intelligence.
A cyber-espionage campaign was found targeting the Vietnamese military and government, as well as other sectors and some entities in Thailand and Central Asia.
ShadowTalk hosts Stefano, Adam, Kim, and Chris bring you the latest in threat intelligence.
A compilation of some of our favorite readings, resources, and tools that relate to Cyber Threat Intelligence.
ShadowTalk hosts Alec, Ivan, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
A user of the cybercriminal forum RaidForums has offered 533 million records of Facebook user data for only a few US dollars.
This illustration of the intelligence cycle will allow you to see what we do at each stage of the cycle to ensure we effectively answer stakeholder requirements.
ShadowTalk hosts Stefano, Dylan, Kim, and Chris bring you the latest in threat intelligence.
Insurance provider CNA Financial has announced it was targeted in a cyber attack, later confirmed as involving the newly identified “Phoenix Cryptolocker” ransomware.
ShadowTalk hosts Alec, Austin, Charles, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
The new Internet of Things (IoT) botnet ZHtrap has been turning devices it has infected into honeypots, in a novel technique that highlights yet another risk presented by exposed IoT devices.
Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest John Kindervag, creator of Zero Trust and Senior Vice President, Cybersecurity Strategy at ON2IT Cybersecurity.
ShadowTalk hosts Stefano, Adam, Kim, and first-timer Chris bring you the latest in threat intelligence.
Four zero-day vulnerabilities in Microsoft Exchange Servers have been linked to more than 30,000 cyber attacks taking place in the week following their discovery.
Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Access Brokers Report analyzes this phenomenon and what it means for security practitioners.
Let’s start with a scenario. You’ve finally convinced the business to begin the journey of building up a threat intelligence ...