The Most Popular Security Blog Topics of 2018

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

It’s been a busy year on the Digital Shadows blog, with almost 150 blogs published since January 1. As we move into the tail end of 2018, I wanted to share some of the most popular blogs and themes for this year.

US-CERT Draws on Digital Shadows Research

It’s been a pleasure to have had our blogs featured in a couple of US CERT alerts. First, in July, we released research on the growing threats to ERP (Enterprise Resource Planning) Applications, which led to a US CERT alert, Malicious Cyber Activity Targeting ERP Applications,  on the same topic.

Second, in October, our advice for securing PowerShell was referenced in US CERT’s note on how five publicly-available tools have been used for malicious purposes. You can read the full advisory here: Publicly Available Tools Seen in Cyber Incidents Worldwide.

MITRE ATT&CK Grows in Popularity

The MITRE ATT&CK framework, which provides a common vocabulary for how to talk about threat intelligence, has grown significantly in popularity and adoption in 2018. Drawing on the many indictments unsealed in 2018, we have published numerous blogs that map public indictments to the MITRE ATT&CK framework, including those against GRU for interference in 2016 US election, FIN7, FSB, and a North Korea Programmer. If you’re tired of reading, check out a podcast we recorded with Katie Nickels, the MITRE ATT&CK Threat Intelligence Lead, on this topic.

Mapping these indictments to the MITRE ATT&CK framework is useful, but it’s also important to map these to our defenses. That’s why we pulled all of these assessments together and mapped them to the ASD Essential 8, helping to understand how we can best mitigate many typical adversary behaviors.

Alarming Amount of Data Exposed

Unsurprisingly, 2018 was yet another year with eye-watering amounts of data exposed with 4.5 billion breached records in the first half of 2018. This was most recently demonstrated through the breach of 500 million Marriott records.

While some data is exposed through intrusions, a staggering amount of information is already inadvertently exposed through employees and third parties.  Our “Too Much Information” research discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, rsync, SMB, FTP, NAS drives, and misconfigured websites. Almost all countries are affected, but the United States experienced the most exposure with 239,607,590 files.

 

There’s plenty more to come in 2019, so don’t forget to stay in touch and subscribe to our threat intelligence emails.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
4 Followers
About Digital Shadows
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation. The Digital Shadows SearchLight™ service combines scalable data analytics with human data analysts to manage and mitigate risks of an organization’s brand exposure, VIP exposure, cyber threat, data exposure, infrastructure exposure, physical threat, and third party risk, and create an up-to-the minute view of an organization’s digital risk with tailored threat intelligence.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

DNS Rebinding – Behind The Enemy Lines
Views: 994 / January 19, 2019
My IT Learning Journey
Views: 1493 / January 18, 2019
A New Age of Digital Interconnection
Views: 1244 / January 18, 2019
7 Project Management Basic Rules
Views: 1701 / January 17, 2019
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel