Digital Shadows
Follow Digital Shadows on their other social channels!
About Us
Company Size:
51-200 employees
Company Type:
San Francisco, CA / USA
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation. The Digital Shadows SearchLight™ service combines scalable data analy ...
Read more
Promoted Content
2018 Forrester New Wave: Digital Risk Protection
Using Shadow Search to Power Investigations: Sextortion Campaigns
We recently wrote about sextortion campaigns and how they’ve developed their lures over time. As a result of these campaigns, tens of thousands of dollars have been transferred to attacker-controlled bitcoin wallets. In this blog, I wanted to share how you can power responses to extortion campaigns with Shadow Search (while I’m using the sextortion campaign in this example, any extortion campaign could apply). Within the long and rambling email, we can identify three elements requiri ...
2019 Cyber Security Forecasts: Six Things on the Horizon
The new year is upon us! 2018 brought us Spectre and Meltdown, Russian GRU indictments, and the exposure of 500 million Marriott hotel goers. 2019 is sure to throw us a few curveballs as well. For this blog, we looked at trends and events that have shaped the digital risk landscape this year and how they might play out in 2019. 1. GDPR watchdogs start to bite. Expect new fines for data breach incidents 2018 was the year of GDPR; 2019 will be the year of GDPR fines. Under the European General Da ...
ShadowTalk Update – 12.03.2018
Michael Marriott, Dr Richard Gold and Simon Hall discuss our recent findings on threat actors using cracked versions of Cobalt Strike to conduct their attacks in this week’s ShadowTalk. Cobalt Strike is a powerful platform for performing offensive cyber operations, containing a wide variety of tools for conducting spear phishing and web drive-by attacks to gain initial access. While it’s used widely by security teams – including in Digital Shadows’ own internal Purple Tea ...
Threat Actors Use of Cobalt Strike: Why Defense is Offense’s Child
I’m a big fan of the Cobalt Strike threat emulation software. Here at Digital Shadows, it’s a staple of our internal Purple Team assessments and we’re always impressed by its capabilities. However, it appears that we are not the only ones to feel this way and we have seen how Cobalt Strike is used for illegitimate purposes by threat actors. It is therefore important for network defenders to familiarize themselves with the capabilities of this offensive toolset. We would like to ...
ShadowTalk Update – 11.26.2018
With Black Friday kicking off the holiday spending season, Harrison Van Riper, Jamie Collier, and Rafael Amado focus on cyber security threats faced by retailers and online shoppers. Despite increased sales for retailers and bargain opportunities for consumers, Black Friday has had the unintended consequence of emboldening and enabling profit-seeking cybercriminals. The team discuss continuing activity by the Magecart group, as well as the ways in which cybercriminals are gearing up for the holi ...
Mapping the ASD Essential 8 to the Mitre ATT&CK™ framework
Australian Signals Directorate Essential 8 The Australian Signals Directorate (ASD) has published what it calls the “Essential 8”: a set of fundamental mitigation strategies as a baseline for securing an organization. It is intended to be a pragmatic set of mitigation strategies designed to address the most common adversary behaviors. They are:   Application whitelisting. This ensures that only approved programs can run, and is intended to prevent the execution of not only binar ...
ShadowTalk Update – 11.19.2018
Leaked court documents surfaced this week detailing how Italian authorities tried and ultimately failed to identify and convict the vigilante hacker, Phineas Fisher, best known for the infamous breach against the Italian surveillance and technology company, Hacking Team. Dr. Richard Gold and Harrison Van Riper join Rafael Amado in this week’s edition of ShadowTalk. The team discuss the history of Phineas Fisher, the techniques used to break into the Hacking Team network, and the operationa ...
Sextortion 2.0: A New Lure
Back in September we released a blog about the large volume of sextortion email campaigns that were hitting people’s inboxes. We have continued to monitor the campaigns and have seen a recent change in tactics, with some unusual approaches being favoured by the sextortionists this time around.   Cisco ASA vulnerability lure – too long; didn’t read Previously the emails were simple and straightforward for the target – “I have your password this is proof tha ...
Black Friday and Cybercrime: Retail’s Frankenstein Monster
With every year that passes, Black Friday seems to morph into a creation its original proponents could not have even envisioned. Not so long ago, it was simply the day following Thanksgiving in the United States (US), when retailers would offer sales and discounts to mark the beginning of the holiday shopping season. Now, Black Friday has become a global phenomenon that stretches over weeks, if not months, rather than a single day. Technological advances have brought new opportunities and challe ...

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?