Fake sites spread fake stories to fuel pump and dump or other foul ends
Security experts have warned that disinformation campaigns are leading to “pump and dump” runs on cryptocurrencies
Following that brief spasm of activity, an account claiming to be from Anonymous Poland posted tweets declaring it had hacked data from U.S.
The Express Tribune: 'Fake news' fast becoming a profitable business model, say security researchers
Cyber criminals have latched onto the notion of “fake news” and turned it into a profitable business model, with services starting at under $10, security researchers said Thursday.
The online security firm Digital Shadows released a report highlighting services aimed at creating bogus media websites, fake reviews and social media "bots" or automated accounts to promote or denigrate commercial products and services.
Cyber criminals have latched onto the notion of "fake news" and turned it into a profitable business model, with services starting at under $10, security researchers said Thursday.
International Business Times: Dark Web: Hacker breaches Basetools and threatens to leak database, demanding $50,000 ransom
An unknown hacker appears to have breached a dark web marketplace called Basetools and leaked samples of its database online.
A security researcher reportedly disclosed a number of Equifax security issues to the company months before the major data breach, and none of the problems were fixed.
A Digital Shadows investigation saw a twist in the classic gambit of acquiring a company’s valuable data, threatening to release the data if a ransom is not paid, and then putting pressure...
While Equifax is the latest major data breach to hit the headlines, we know it will not be the last. How prepared is your organization if you were similarly targeted?
The breach will likely have a long-lasting impact, according to Michael Marriott, a research analyst at Digital Shadows, a cybercrime monitoring company.
eWeek takes a look at nine security vendors that raised money in September.
The Independent: Digital Shadows: London and San Francisco cyber security firm raises $26m in funding round
The cyber security firm's investment will be used to bolster programmes aimed at searching the dark web.
LONDON — Digital Shadows, a London and San Francisco-based cyber security firm, has raised $26 million in a funding round led by Octopus Ventures to support its expansion into markets...
City A.M.: Hot UK cyber startup Digital Shadows has raised $26m led by Zoopla backer Octopus Ventures
One of the UK's high-flying cyber security startups has attracted fresh funding from venture capital investors to fuel global expansion amid the growing threat to business of cyber crime.
LONDON (Reuters) - Digital Shadows, a London and San Francisco-based cyber security firm, has raised $26 million in a funding round led by Octopus Ventures to support its expansion into...
A British cyber security firm has raised $26m (£19m) to develop its technology that scans the internet for threats to businesses.
A London cyber security start-up which alerts companies to potential threats on the dark web has raised $26 million (£19 million) to fuel its expansion.
Business Insider: A startup has raised $26 million for a spy tool which scans the dark web for threats against companies
British cybersecurity firm Digital Shadows has raised $26 million (£19 million) for its platform that searches the darkest corners of the internet looking for the chatter associated with threats against...
"If this is indeed a capital offense, then I’d say that the majority of organizations are guilty," said Rick Holland, vice president of strategy at Digital Shadows, a cyber-intelligence firm...
"In a blog post for cybersecurity firm Digital Shadows, Vice President of Strategy Rick Holland detailed what’s most likely to happen next, including tax return fraud, benefits and medical care fraud, carding,...
"Rick Holland, VP of Strategy at Digital Shadows and a former incident responder, is even more sympathetic. Holland reckons a month to communicate the incident "is not that long".
Have a safe trip! Typically, when we wish someone well before they leave on a journey we are referring to their physical safety while in transit.
BLACK HAT USA 2017 -- Reasonably priced, module-based training courses and helpful forums will train a beginner in all the tools and techniques of the successful cybercriminal, Rick Holland of...
Exploit kits are on the way out, at least that's the message in a recent blog form Digital Shadows which reports that at least four major players in the market have ceased...
We’ve all heard the phrase: “When one door closes, a window opens.” You can bet that as you’re reading this, those engaged in cyber crime on the dark web are...
"Game of Thrones" and HBO are facing a dragon they can't slay: hackers. Digital Shadows' Rick Holland weighs in.
James Chappell, CTO and co-founder of threat intel firm Digital Shadows, said that UK government proposals go further than what’ll be required to achieve NIS Directive compliance.
Microsoft hides a fingerprint scanner in its newest keyboard for improved login security using Windows 10. A study by security firm Digital Shadows found that password reuse was disturbingly common is its analysis...
Given this information what can payment card companies, merchants and consumers do to better protect themselves? The list is long, but here are three tips for each.
Large firms are vulnerable to targeted hack attacks because they do little to strip data from files on their websites, suggests research.
Cybersecurity experts are bracing for a wave of ever-more-ambitious hacks to hit in months to come, while their ability to catch perpetrators is often limited.
Digital Shadows has found several Russian-language online training courses, pointing to the increasing sophistication of the professional ecosystem as fraudsters seek to up-skill themselves and would-be cybercriminals.
Michael Marriott, research analyst at Digital Shadows, said failures in operational security which contributed to the arrest of AlphaBay's founder could instill some fear in cybercriminals.
By analyzing hundreds of criminal forums, Digital Shadows discovered a new trend in the form of remote learning ‘schools’.
Discovered by threat intelligence firm Digital Shadows, the course is advertised on Russian underground sites and is available only in Russian.
Digital Shadows, the industry leader in digital risk management, revealed its findings on the changing habits and tactics of organized credit card fraud gangs, discovering a new trend in the...
In the same way that you might sign up for a course to learn a new language, criminals are now flocking to these six-week online courses, comprising 20 lectures from...
International Business Times: Dark Web now offering hackers crash courses on how to be a card fraudster
Experts at Digital Shadows said the course is in Russian, indicating that it is targeted at people in this region. Each of the lectures lasts for one to two hours.
Digital Shadows monitors hundreds of criminal forums on a day to day basis and AlphaBay had established itself as a prominent ‘go to' platform for the trade in illegal goods,”...
“If confirmed, the AlphaBay takedown is a hugely positive step,” said Rick Holland, vice president of strategy with dark web intelligence firm Digital Shadows.
International Business Times: AlphaBay Shut Down: Feds Announce AlphaBay, Hansa Market Taken Offline By Law Enforcement
Rick Holland, the vice president of strategy at cyber threat monitoring firm Digital Shadows, told IBT AlphaBay "had established itself as a prominent ‘go to’ platform for the trade in...
Researchers at Digital Shadows discovered a Russian carding forum provides a course on how to commit fraud, complete with instructors, syllabus, webinars, and reading material.
The course, found in a Russian forum, says it aims to teach would-be criminals “to become a professional in the world of carding,” according to Digital Shadows, which studied the course.
Online courses with instructions on how to become a cybercriminal aren't new, but one course examined by researchers at security company Digital Shadows reflects the level of professionalism now being adopted by...
Security firm Digital Shadows discovered the cybercrime class taught by five instructors and sold on a deep web forum.
The study from digital risk management company Digital Shadows finds the courses, available to Russian speakers only, last for six weeks and comprise 20 lectures with five expert instructors.
Online courses with instructions on how to become a cybercriminal aren't new, but one course examined by researchers at security company Digital Shadows reflects the level of professionalism now being adopted by...
The Register: School of card knocks: Russophone criminals offered online courses in credit card fraud
Risk management firm Digital Shadows flagged up the course as part of a wider report into trends in underground carding forums. The study, published on Wednesday, reports how remote-learning "schools"...
Undercover monitoring of the dark web by Digital Shadows, an online risk management company, found student reviews bragging of purchases made using stolen card details with images of cameras, games...
Digital Shadows, a cybersecurity firm based in the UK, dove into the online fraud ecosystem and released part of its research on Wednesday.
As cyber security reaches a 'crisis point,' experts say that the traditional approach of ‘building the castle walls higher’ is broken.
Stolen account credentials are widely available. They come in a range of prices on the Dark Web, depending on freshness and geography, says Michael Marriott, research analyst at Digital Shadows.
"There are hundreds of thousands of documents online that shouldn't be publicly available," says James Chappell at security company Digital Shadows.
"One user on Reddit claimed that law enforcement had raided the houses of two AlphaBay vendors, but provided no evidence to prove this had occurred," reports threat intel firm Digital Shadows.
The point is that criminal forums exist everywhere so focusing only on the dark web won’t give you a comprehensive view of your digital risk.
International Business Times: Has AlphaBay pulled an exit scam? Dark web market goes mysteriously offline sparking fears of heist
"Since its user base hit 200,000 in October 2015, AlphaBay has been widely regarded as the largest marketplace on the dark web, competing against the likes of Abraxas, Dream and...
The Times highlights how Level 39 companies, including Digital Shadows, are working with the world's leading banks.
Researchers from Digital Shadows, another company that scours the dark web, traced the origins of the site back to July of 2016, when a hacker named goldrose advertised it on...
International Business Times: Petya ransomware: What were the hackers' motives and how much money have they raked in so far?
Security experts at Digital Shadows are warning those affected by the Petya not to pay the $300 ransom.
Becky Pinkard, vice president of service delivery and intelligence at Digital Shadows, said: “There is some confusion over the origins and nature of Petya, with some reports suggesting there are similarities...
The study, done by London- and San Francisco-based Digital Shadows, which provides clients with information about their external digital risks, determined that 97 percent of the world’s largest 1,000 organizations had credentials exposed.
CRN Exclusive: Digital Shadows Launches First Partner Program, Looks To Bring New Services Opportunities To Channel
Digital Shadows launched its first partner program Thursday, part of what the digital risk management company called a "conscious strategic move" to focus on the channel.
How can you mitigate risk? To protect your organization against account takeovers, CEO Alastair Paterson shares seven steps you can take.
According to a recent Digital Shadows report, cybercriminals are increasingly using stolen data like this to launch credential stuffing attacks, automating the process of trying large sets of stolen credentials on...
Influential Organizations and Individuals or Those With Ties to Government or Political Institutions May be Targets for Cyber Attacks
According to a new report by risk analysis specialist Digital Shadows, 'credential stuffing' tools are the latest technique being used to automate attempts at account takeover.
Digital Shadows said today in a new report that credential leaks, such as this past month’s Anti Public Combo List and others, have buoyed the market for credential stuffing and made it a...
There's no shortage of leaked credentials for attackers to employ. Nearly all (97%) of the world's 1,000 largest companies have had corporate credentials exposed, Digital Shadows reports in its newly...
SC Magazine discusses Digital Shadows' ACH on WannaCry.
Digital Shadows' Rick Holland discusses why companies shouldn't give in to digital blackmail.
“One of the challenges we have with it is people don’t talk about paying their extortions,” says Rick Holland, vice president of strategy at the threat intelligence firm Digital Shadows.
Los Angeles Times: It almost makes you WannaCry: The search for the hackers who infected computers around the world
Becky Pinkard, vice president of service delivery and intelligence at the British cybersecurity firm Digital Shadows, said a slip-up might occur when crooks try to access the ransom money.
Imagine a network of 100 computers. These computers communicate with each other through digital roads. One of the roads is port 445, and it is usually reserved for Windows-running computers...
One notable difference with this attack is that the perpetrators demanded a relatively small amount of money but from a large number of people, said James Chappell, chief technology officer...
"As governments all over the world invest in finding weaknesses in computer systems we are going to continue to see organizations exploiting these," James Chappell, chief technology officer at London-based cybersecurity start-up Digital...
Security firm Digital Shadows said on Sunday that transactions totalling US$32,000 had taken place through Bitcoin addresses used by the ransomware.
Microsoft released a security update a month before the exploit was leaked, but according to security firm Digital Shadows, internet scans reveal that at least 1.3 million Microsoft Windows systems...
Becky Pinkard, from Digital Shadows, a UK-based cyber-security firm, told AFP news agency that it would be easy for the initial attackers or "copy-cat authors" to change the virus code...
Many factors will help narrow down the search, such as the compile times, the languages the original code was written in, but direct attribution will not be possible until a...
“There’s no guarantee of service even if they do pay,” said Becky Pinkard, vice president for service delivery and intelligence operations at Digital Shadows, a cybersecurity firm.
Rick Holland, Digital Shadows’ VP of Strategy, said: “Just over eight weeks later, we are seeing the initial implications of not deploying this SMB patch.
The situation is developing rapidly, but here are the seven big takeaways from what we know so far.
“Regulatory frameworks are fantastic,” said Becky Pinkard, vice president of service delivery and intelligence at the cybersecurity firm Digital Shadows.
“Whoever it is it looks very much like they are taking advantage of the NSA’s tools,” said Becky Pinkard, vice-president at Digital Shadows, a cyber intelligence firm.
"Companies can benefit by understanding how threat actors are targeting companies in their sector and specific vulnerabilities they are looking to exploit – this intelligence can be gleaned from criminal...
In this increasingly mobile-first world, organizations are turning to mobile applications that enable them to better interact with their customers and provide new tools for employees.
Rick Holland, vice president of strategy at Digital Shadows, said the financial impact of pretexting makes it worth highlighting.
Michael Marriott discusses how security leaders can address and mitigate the rising threat of fake mobile apps.
Companies including Digital Shadows have embraced the concept of "digital risk monitoring" as a complementary category to the massive "threat intelligence" market.
“W-2 data is the holy grail because you can’t reset it, like a password,” says Michael Marriott, a research analyst with Digital Shadows, a digital-risk management company.
In today’s connected world securing your own network is simply not enough. Today your digital risk extends not only to your own servers, PCs and other devices in your offices...
Rick Holland, vice president of strategy at Digital Shadows and formerly of Forrester, coined the phrase "expense in depth" to illustrate that many companies will shell out money to add...
Digital Shadows' CTO and Co-Founder, James Chappell, discusses how key elements like strategy development, roles and responsibilities, conflict management, leadership and decision-making styles can support or hinder performance.
Bad actors will do whatever they can to take advantage of the lucrative tax season. There are numerous instances of bad actors requesting and selling items pertaining to tax fraud across...
Digging through the vast number of tweets, threat intelligence analysts from US cyber-security firm Digital Shadows found a Twitter account that was offering free DDoS tools for anyone willing to participate in...
"Organizations need to understand the implications of paying out a ransom," said Digital Shadows' Holland. "A cyber security insurance policy could be invalidated because of a ransom payment."
Digital Shadows says it has observed the distribution of two denial of service (DoS) tools - one for Windows and one for Android devices - which are actually RATs.
The huge cost of cybercrime was once again graphically illustrated this week by a story on the BBC of a hacker who allegedly used phishing techniques and fake websites to steal over...
A recent look at insider trading on the dark web shows how underground operators use OPSEC to protect their businesses.
External digital risk-management firm Digital Shadows has appointed Alex Seton as vice president of business and corporate development.
Mobile is no longer a niche or isolated part of an organizations’ digital footprint. New devices and applications are the status quo but organizations must be aware of the digital...
Rick Holland stresses how important it is for both consumers and businesses to under that there are differences in the types of cyber campaigns criminals perpetrate during tax season and that...
Digital Shadows analyst Michael Marriott talks cybercrime services currently in “startup mode”.
In order to better defend against financially- and non-financially motivated attacks, we must continually strive to understand the threats and the actors behind them.
"Although there's all this professionalisation of cybercrime, we have seen evidence with Ripper.cc that they still find it hard to find good talent," says Marriott.
Michael Marriott, a research analyst at Digital Shadows, says there's been a great deal of change in the exploit kit landscape over the past year.
Digital Shadows CEO Alastair Paterson named one of the Re-Inventors bringing about the next wave of digital security.
Clearly we as an industry need to do a better job to excite and encourage more young people to look to a career in cybersecurity and we need governments and...
Many people were this week startled by reports that GCHQ technical director Dr Ian Levy had apparently claimed that security firms exaggerated the threat posed by hackers to promote the services...
Valentine’s Day is fast-approaching and the story goes that if Cupid hits you with his golden arrow you’ll fall madly in love.
James Chappell, CTO and co-founder of threat intelligence firm Digital Shadows, believes collaboration has been evolving in areas such as skills, standards and threat intelligence.
An investigation by threat intelligence specialists Digital Shadows has uncovered the existence of a "Rat-as-a-Service" site called Ripper.cc
In its analysis of Ripper, Digital Shadows Ltd. says the prevalence of fraudsters on underground cybercrime markets is so widespread that criminals have become accustomed to paying a “ripper tax,”...
International Business Times: Honour among thieves: This cybercrime site aims to help hackers avoid falling victim to fraud
Researchers from Digital Shadows claim that the site aims to mitigate scam issues and help cybercrime marketplaces thrive.
Security experts have discovered a new online service designed to alert cyber-criminals to rivals, or "rippers", who commit fraud on underground forums.
Researchers at threat intelligence firm Digital Shadows have analyzed a relatively new service named Ripper that aims to expose fraudsters who target the users of cybercrime marketplaces.
Discovered by threat intelligence firm Digital Shadows, Ripper.cc launched in June 2016, when its authors announced the service through a topic on the Exploit.in hacking forum.
Computer Business Review: There IS honour among thieves – new service for cyber criminals names and shames ‘rippers’
Ripper.cc provides a service to cyber-criminals by upholding a code of honour.
Ripper.cc offers a service to help protect the genuine cybercriminals from the scammers in their midst.
Ripper.cc has close to 1,000 profiles of known scammers.
Digital Shadows named one of the Top 10 Cybersecurity Companies to Watch.
The website, Ripper[.]cc, appears to have been launched in the summer of 2016 via a post on a hacking forum called Exploit.in.
To help you assess your digital risk, here are three examples of trojans from 2016 that will likely continue to be active into 2017.
CTO and co-founder James Chappell discusses the UK digital skills shortage.
Brian Krebs discusses Digital Shadows' analysis around the Mirai author's real life identity.
Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report.
Rick Holland, vice president of strategy at Digital Shadows, said including URL formatting in phishing education in enterprise would be only a "marginal benefit" to IT pros.
James Chappell, CTO and cofounder of Digital Shadows joined this week’s Hacker Tracker to shed light on how the latest trend of ATM jackpotting is just the tip of the iceberg for cybercriminals...
While the year might be new, many of the Cybersecurity challenges we face are far from new.
Digital Shadows' Michael Marriott gives an analysis around the future of the Mirai botnet.
Some security vendors such as Digital Shadows said the release of the code to Mirai wasn't what it was painted to be, as it wasn't as easy to deploy as...
“We know that good security staff – even if you have the budget – are hard to recruit,” adds Alastair Paterson, CEO of cybersecurity fintech firm Digital Shadows.
"The fact that there are 10 digits of the credit card number, name and address all available means the people who had accounts with the company really are exposed and...
The availability of the Mirai malware source code online isn’t a guarantee that just anyone can quickly convert it into a money-making IoT-based DDoS botnet.
A new report by security company Digital Shadows claims that the release of the source code to the Mirai botnet is a godsend for cyber-extortionists who are looking to make...
These are just a few examples of countless wannabe hackers asking for coding help to use Mirai, all collected by Digital Shadows.
While a company that is breached by hackers can really only work from the digital evidence left behind, nation states or intelligence agencies have many more sources to draw on...
“Who knows what’s going to actually come up before the end of the year,” Digital Shadows’ Holland says. “Mirai is certainly not going away any time soon.”
Rick Holland VP of strategy at Digital Shadows told SC: “We've already seen an evolution of both the code itself and the business models that look to exploit it for financial...
James Chappell, CTO and co-founder of Digital Shadows, joined PYMNTS for this week’s Hacker Tracker to discuss how cybercriminals are enjoying their own version of the holiday shopping season across...
Digital Shadows provides these types of services -- tailored threat analysis and alerts, dark web searches for stolen data and credentials, and more -- through its SearchLight platform.
Digital Shadows outlines some of the biggest threats facing both retailers and consumers in the upcoming holiday season.
"Once again we can see how professional the cybercriminal underworld is in their operations," said James Chappell, chief technology officer and co-founder of Digital Shadows.
According to security firm Digital Shadows, Black Friday is a chance for cyber-criminals to show off their skills.
“When a new campaign for the POS malware known as FastPoS was discovered in September 2016, it became clear that the malware was still under active development.
Ultimately we need to be conscious of the cyber risk in everything we do - make sure we use even basic security techniques and approaches when accessing ANY sort of...
Digital Shadows, a provider of cyber situational awareness, released its Shooting the Messenger: Understanding the Threats to the Media and Broadcasting Industry report which revealed that revenue generating websites are a threat...
Security firm Digital Shadows uses the "analysis of competing hypothesis" to narrow down possible causes of the $3.1 million Tesco bank theft.
A mass cash-out operation using cloned cards is the most plausible explanation of the Tesco Bank breach earlier this month which saw crooks steal around £2.5 million from 9000 customer...
Digital Shadows has applied the technique of the Analysis of Competing Hypothesis (ACH) on the available data in an attempt to narrow down the possibilities between four competition theories.
Rick Holland said account takeovers, spear phishing and extortion are just a few of the risks that corporate staff could face from this breach.
Taking down websites is penny-ante stuff, and "I'd make a distinction between attacks that disrupt the availability of websites and attacks that raise questions regarding the integrity of the U.S.
Rick Holland discusses that in order to build resilience into your OPSEC program, you need to be aware of the changes around you and prepare for scenarios beyond normal operations.
The news that the UK government is to invest £1.9 billion in new automated cybersecurity defences is a welcome and logical one considering the threat landscape and increased proficiency and professionalism...
Rick Holland of Digital Shadows discusses concern that the hacker will continue to try to influence U.S. politics, even after the election.
Michael Marriott of Digital Shadows talks with Sky News about cyber security strategies.
As a security professional, what stands out is the steady stream of cyber security-related incidents, particularly when compared to the U.S. elections of 2012 and 2008.
Clearly companies, both large and small, need to act now and start putting in place robust standards and procedures to counter the cyber security threat, or face the prospect of...
The need for companies to adopt a more intelligent approach to threat assessment is also what drove Digital Shadows to develop SearchLight.
Digital Shadows named on the Digital Innovators 2016 Power List.
Financial institutions are not inclined to share secrets. That's changing as savvy tech adversaries threaten to breach digital walls.
Technical and Process Controls for the Enterprise Must Extend to Employees and How They Engage in Personal Services.
Rick Holland said the "code release is particularly dangerous, since it once again lowers the barrier to entry for threat actors."
Rick Holland of Digital Shadows visits the Dark Reading News Desk at Black Hat to explain how the attackers' superior business agility, faster change management, specialized job force, lower barriers...
A recent Digital Shadows report indicates that the exploit kit market is not that crowded anymore, and that malware operators don’t have much choice.
The UAE was the most affected country in the Middle East with over 15,000 leaked credentials publicly available online, according to cyber situational awareness company Digital Shadows’ latest research report.
Michael Marriott, Digital Shadows security expert, believes that when analysing breach severity, there are six factors that should be considered: recoverable passwords, data sensitivity, dataset freshness, dataset transferability, data accuracy...
According to a recent Digital Shadows report, the exploit kit market is not that crowded, and malware distributors don't have that many options to choose from.
Digital Shadows, a provider of cyber situational awareness, released its Compromised Credentials research paper which analyzed the largest 1,000 companies listed on the Forbes Global 2000.
Until retina or fingerprint scanning, or any other security process becomes a regular feature in IT and replaces the password, we as employees need to take control of online habits...
Michael Marriott of Digital Shadows looks at how hackers are increasingly using tactics used by commercial organizations to raise their profile and publicize their 'business'.
An analysis from Digital Shadows of the Forbes Top 1000 companies reveals that 97 percent of all organizations have been affected by recent data breaches at large Internet services.
“The listing description contained 586 rows of data provided as a sample, each of which contained a username, date of birth and unsalted MD5 password hash.
"I would err on the side of caution and force a password change. It's better to be out in front of it than behind it," says Rick Holland, vice president...
Digital Shadows has reportedly uncovered the compromised personal data of approximately 5.5 million employees of the world’s 1,000 largest corporations.
“The listing description contained 586 rows of data provided as a sample, each of which contained a username, date of birth and unsalted MD5 password hash.
Earlier this week, researchers at Digital Shadows revealed that 97 percent of the top 1,000 global companies have leaked user credentials online, and many of them are from third-party breaches.
97 percent of the 1000 largest companies have suffered compromise of employee credentials, comprising email and password combinations.
Digital Shadows searched through data compromised by recent breaches of popular websites and managed to dig up 5.5 million or so passwords.
San Francisco Business Times: Study finds that 97% of large companies have had credentials leaked online
Digital Shadows analyzed the largest 1,000 companies listed on the Forbes Global 2000, and found that 97 percent of those companies, spanning all businesses sectors and geographical regions, had leaked...
Companies in the entertainment and technology sectors are far more exposed than others, Digital Shadows analysis shows.
A survey of breach data finds that 97 percent of Global 1000 companies have had employees impacted by the loss of their credentials, according to research by security firm Digital Shadows.
Personal details of 5.5m employees from the world’s 1,000 biggest public companies have been discovered online by Digital Shadows.
A new report shows that there are leaked employee credentials online for 97 percent of the top 1,000 global companies, many of which came from third-party breaches.
Credentials for employees at almost all the largest organizations in the world were leaked in major data breaches, according to research by Digital Shadows.
Credentials discovered from workers at 97 percent of Forbes-ranked companies.
The Wall Street Journal: The Morning Risk Report: Shareholder Activism Set for Record Year in Europe
Stolen data from major companies found. The Financial Times reports personal details of 5.5 million employees from the world’s 1,000 biggest public companies have been found online by cybersecurity company...
A recent report released by Digital Shadows reveals that RIG is one of the five active exploit kits left on the market today, along with Neutrino, Magnitude, Sundown and the lesser...
A new research conducted by Digital Shadows reveals that 76 vulnerabilities are being exploited in exploit kit attacks.
While much is changing, what continues to be true is that in today’s world of IoT, security needs to be top of mind as the number and type of attack...
CVE-2013-2551 is the most popular vulnerability with EKs according to a Digital Shadows study that analyzed all the 22 exploit kits active in the past years.
Exploit kits make the job of an attacker much easier but can be defended against easily by understanding the vulnerabilities and software they most often target.
Organizations need a proactive approach to defend against targeted attacks by engaging in supply chain security and through greater cyber situational awareness.
Rick Holland, vice president of strategy for Digital Shadows, details why cybercriminals increasingly embrace software-as-a-service models.
New research shows that most of the popular exploit kits are actually going after flaws from 2015 and later, and the most commonly exploited vulnerabilities are in Flash and Java.
Digital Shadows new report notes that Angler EK holds the dubious record of having exploited the largest number of vulnerabilities of all 22 EKs studied.
To many financially motivated cybercriminals, one of the most valuable commodities is data. But not all data is valued equally. They want data that is fresh, good quality and easily monetized.
News last week that dozens of high end U.S. Hotels have been subjected to attack by cybercriminals who installed malware on their payment processing systems might be shocking but can...
Analysts at security awareness specialist Digital Shadows have identified a growing trend of some hackers actively seeking the limelight to promote their businesses.
Dennis Fisher talks with Rick Holland of Digital Shadows about what this all means for enterprises, the political implications, and the ethics of the government hoarding zero days.
Rick Holland chats with TechTarget regarding the Shadow Brokers' claims.
Ransomware and other forms of cyber extortion are effective moneymakers for the bad guys. Learn why, and how not to fall prey to digital extortionists.
InfoWorld talks with Digital Shadows' Rick Holland about the security tools hackers use to protect themselves while ripping you off
The cybersecurity firm Digital Shadows says that online criminals have used a Russian web hosting service to reap more than $3 million in the sale of illegal goods.
Millions of Americans will watch the Summer Olympics at work — and that will create a major opportunity for cyber criminals to attack corporate computer systems. This could cause serious...
As recent events have shown, you shouldn’t let your guard down because a threat actor or operation appears to have been shut down.
New research has identified a one-stop, outsourced online shop, providing hosting, design and payment solutions for cyber criminals looking for a low-cost of entry method to sell their ill-gotten assets.
Researchers at security firm Digital Shadows have conducted an analysis of Deer.io, a Russian website that they claim makes it easy even for less technically skilled individuals to become cybercriminals.
International Business Times: Russia-based Deer.io identified as cybercrime hub linked to hacker behind LinkedIn breach
Deer.io is said to be hosting over 1,000 shops, most of which sell stolen products from compromised accounts.
Cyber attack prevention specialist Digital Shadows conducted research into deer.io, a Russian-language site that hosted darkside.global.
The use of sites like Deer.io prove the barriers to entry for cybercrime are continually being lowered, according to threat intel firm Digital Shadows.
Digital Shadows was named one of the 10 fastest growing fintechs in the UK, according to data compiled by recruitment finance provider Sonovate.
Cyber situational awareness company Digital Shadows has unearthed an “all-in-one” outsourced online shop for cyber-criminals looking for low-cost entry methods to sell their ill-gotten assets.
Setting up a cyber criminal business is easier than ever believed, according to UK information security startup Digital Shadows
Mitigating ransomware threats is a complex operation that “requires a combination of technical and process controls and company-wide engagement – from employees, to executives, to IT security teams.” - Alastair...
What’s needed is greater threat intelligence, specifically cyber situational awareness – the ability to look at your environment through the eyes of an attacker to detect the threats and vulnerabilities...
Researchers at Digital Shadows shared with Threatpost an incident report disclosing that a June 24 post on the Russian-language forum "exploit.in" contained a link to a new Tor site hosting the underground market.
On June 24, an anonymous user named xDedic was spotted sharing the site’s new address on a Russian hacking forum, according to Digital Shadows.
Digital Shadows reveals that a user named xDedic posted on 24 Jun 2016 a link to the new site on the criminal forum exploit[.]in.
International Business Times: XDedic: Dark Web marketplace selling access to thousands of hacked servers reopens
According to Digital Shadows, the criminal market has resurfaced on a Tor network domain with one crucial difference: it now demands a $50 (£38, €45) enrollment fee for access.
Researchers at Digital Shadows reported today that a June 24 post to the Russian-language forum, exploit[.]in, included a link to the .onion site now hosting xDedic.
After a brief hiatus, the makers of xDedic have been quick to revive the marketplace, security firm Digital Shadows said on Tuesday.
Alastair Paterson explained that extortion is one of the seven cyber threats that any financial services firm should know about.
"It takes time for organizations to materially improve their security maturity, so 'it's likely that Ashley Madison and Avid Media still have significant opportunities to mature,' Holland remarked."
"We have certainly noted an increase in the use of Brexit-related topics in email to encourage users to click on content since last Friday’s referendum," James Chappell.
"We have certainly noted an increase in the use of Brexit-related topics in email to encourage users to click on content since [the] referendum." - James Chappell
There had been a sharp rise in such attacks since polling day, James Chappell, co-founder of London cybersecurity company Digital Shadows, told the Telegraph.
Digital Shadows urged people to keep a close on eye on emails referring to FTSE changes, currency fluctuations and political uncertainty, and to avoid clicking on any shady-looking links if...
James Chappell advises, “Do not open attachments or click on links and delete this type of email straight away.”
"We have certainly noted an increase in the use of Brexit-related topics in email to encourage users to click on content since last Friday’s referendum," said James Chappell.
Daily Mail: Beware the ‘Brexit’ emails that hack into your computer and promise to protect your savings
Emails promising to protect savers against turmoil in financial markets are already appearing, according to security firm Digital Shadows.
Cybercriminals exercise Opsec in a number of ways, noted Rick Holland, vice president of strategy at Digital Shadows.
James Chappell of Digital Shadows said that the problem lay with 'individual human behaviour' noting training had to be more innovative.
Alastair Paterson gives an overview of the most common types of attacks that financial service providers should understand in order to better protect themselves.
Holland suggested that in order to protect themselves from attacks like these, "enterprises should focus on fundamentals like segmented networks, the fundamental of least privilege and increasing visibility to quickly detect and respond to...
Rick Holland discusses how buyers with the ability to purchase this much data likely have the capability to collect it themselves at a lower cost.
Rick Holland discusses how cybercriminals exercise Opsec in a number of ways.
Three main tactics are behind cyber extortion: the threat of distributed denial of service (DDoS), the threat of data compromise and ransomware.
James Chappell discusses why organizations should focus on reducing the time to discovery.
"It’s right to embrace all these new technologies and continue to outsource, but you need to look at the vendors and assess their security and check the data that is...
“Data breaches and other security incidents are unfortunately inevitable in most modern businesses and any proposed legislation should recognize this and offer a mix of ‘carrot and stick' – fines...
The Lurk group hacker arrests in Russia came at the same time as the shutdown of a major exploit kit, ransomware family and botnet. Chappell notes that it is not publicly known...
"The only really effective tool available to you is to continually monitor uses of that information on an ongoing basis," says Chappell.
Rick Holland suggests users protect passwords by not using password managers, enabling multifactor authentication whenever possible, investigate credential dumps to determine if employees are at risk and enable multi-factor authentication for...
Cyber crime is big business and that means the people behind it face many of the same challenges as legitimate organizations, including operational security (OPSEC).
In addition to mapping out use cases, it is important to have an inventory of the devices and different versions of mobile OSes that connect to your network, according to...
When done well, OPSEC denies adversaries information they could use to do harm to an organization or individual. But criminals also use OPSEC as a means to an end.
According to Rick Holland, another classic military aspect has been ported to the cyber-realm: Operations security, or OpSec.
New research from Digital Shadows into the operational security practices of attacker groups shows that there is a wide variety in the quality and professionalism that attackers display when conducting...
Corporate IT managers ought to pick up tricks from spies and place Operations Security (OPSEC) at the heart of their security policies and practices, cyber intelligence outfit Digital Shadows argues.
Research from cyber situational awareness specialist Digital Shadows reveals that criminals are using OPSEC as a means to an end.
“Attacks are become more sophisticated involving criminals going so far as monitoring a CEO’s social media feed to best time and color a fake request for a wire transfer,” Paterson said.
San Francisco Business Times: Digital Shadows shines a spotlight on the dark places where cyberthreats lurk
Digital Shadows analyzes the “shadows” that companies leave online, meaning confidential information targeted by cyber criminals. It uncovers potential threats, data loss, stolen intellectual property and damage to brand and reputation.
The Dallas Morning News: London-based cybersecurity firm adding office in Dallas and looking to hire
Digital Shadows, a London-based cybersecurity firm with $22 million in backing, is opening an office in Dallas and looking to hire technology workers in the rapidly growing industry.
Business Insider: A London startup that has raised $22 million is expanding its US empire from San Francisco to Dallas
Digital Shadows — a cybersecurity startup that searches the darkest corners of the internet looking for the chatter associated with threats against specific organizations — is looking for talented technology...
The IT security firm in Canary Wharf is keen to develop the technology it has to help companies defend themselves against cyber attacks.
The new version of SearchLight enables customers to identify, verify and assess compromised credentials, and detect typosquatting domains. The company also introduced Topical Research Reports, increasing cyber situational awareness.
"The sudden closing of the ransomware project is strange, especially as TeslaCrypt was one of the most prevalent strains of ransomware at the time and was likely making significant money,"...
According to Chappell, it’s no longer enough simply to know that bad something has happened. Stolen data has turned from a problem of detection into one of deeper understanding and...
Bobs Guide took a look at the best cybersecurity fintechs out there and how they are making a difference for businesses worldwide.
The new update to the cyber situational awareness platform enhances the detection of typosquatting and breached credentials.
Always seeking to stay one step ahead of the game, the firm has just announced some new additions to its already impressive SearchLight data analysis platform.
Global merger and acquisitions (M&A) activity reached record-breaking deal values in 2015 at over $5 trillion. Whilst these vast sums excite shareholders, they also attract cyber criminals who sense an opportunity via...
By understanding the different types of incidents and the different returns, you can make a strong case for greater cyber situational awareness in the short- and long-term.
James Chappell talks about looking at external sources of information in order to gain a more comprehensive awareness of threats.
CBR: Before fighting a cyber attack, you have to find it first - How to tell if a data breach has hit your business
James Chappell discusses how an organization can understand where it is likely to be most vulnerable by understanding where key info assets, employee credentials and sensitive documents are being exposed online.
“Many [cyber security teams] are under-resourced and often use technology that simply bombards them with hundreds or thousands of alerts a day which are difficult to make sense of.’ -...
James Chappell discusses how gaining situational awareness can help organizations such as Uber make more effective security decisions.
While mergers and acquisitions propel companies forward, the M&A process also fuels significant opportunities for cyber criminals.
According to Mr. Chappell, interest in the criminal side of the dark web has led to the more positive connotations of having an anonymous online space being overlooked.
The 50 financial technology (fintech) businesses most likely to revolutionize the world of money, from currency transfer start-ups to invoice sharing apps, have been unveiled - and almost two-thirds hail from...
A company’s security infrastructure is more vulnerable during the Mergers and Acquisition (M&A) process, according to new research from Digital Shadows.
Digital Shadows found a growing interest among hackers for information involving companies involved in mergers and acquisitions, and advises companies in the deal-making process to be aware of potential threats and...
Cyber situational awareness can become a kill chain killjoy, serving as a valuable tool to gather intelligence about adversaries’ actions and our vulnerabilities and to thwart attacks.
Companies going through a merger or acquisition, as well as their lawyers, financial advisers, and other associated firms are all tempting targets for cyberattackers, according to a new report from...
Richard Stiennon discusses the explosive growth and chaotic dynamics of the threat intelligence market.
The security skills gap isn’t just affecting legitimate businesses; it’s also impacting the recruiting efforts of cybercriminals.
James Chappell discusses how criminality is an Internet-wide problem, rather than exclusively a problem limited to just the technologies that are labeled with the dark web.
CEO Alastair Paterson talks to FusionWire about Digital Shadows' move to San Francisco.
Financial Times: Risk management: fake social media sites drive growth of ‘threat intelligence’ sector
“Not every business faces the same risks, nor every industry, but what most organizations have in common is a lack of awareness of how widespread and serious the risks are.”...
IT-Harvest: Digital Shadows’ James Chappell Discusses Threat Intelligence, Cyber Situational Awareness, and More
James Chappell, co-founder and CTO of Digital Shadows, introduces the concept of cyber situational awareness, an all-encompassing take on threat intelligence as it pertains to each customer.
BrightTALK caught up with Digital Shadows CTO and Co-Founder James Chappell to get his thoughts on financial digitalization and whether the security can keep up, cyber situational awareness and how...
Enterprises must monitor their entire digital shadow in order to more accurately identify specific risks as they unfold.
Know your enemy: studying cybercriminal recruitment could prove invaluable.
According to new research by Digital Shadows, candidates have to fill out application forms, interview over Skype, and even go through a probationary period.
Research by Digital Shadows found cyber-criminals are also struggling to find the best talent who not only have the right technical knowledge but are trustworthy.
Rick Holland, vice president of strategy for Digital Shadows, notes that many online attack groups now openly advertise for new employees on both public and darknet sites.
Digital Shadows takes a look at how hackers recruit and finds some lessons learned for enterprises.
Cybercriminals and hacktivists face many of the same hiring problems as defending security organizations, but with their own particular twists, according to report released this morning.
The skills shortage has hit the attacking community too, with cyber-criminals also struggling to find the right talent.
Cybercrooks, much like ethical security defenders, are facing a skills crisis and difficulties in recruiting qualified staff.
Tracking a cyber adversary that is recruiting and the skills they desire can improve the overall maturity of an organisation’s security programme, according to Digital Shadows.
A thriving market now exists to help cybercriminals promote themselves – or what they’ve stolen – as well as recruit new talent.
In 2015 we saw a surge in attacks that involved extortion, social engineering, credential-stealing malware and sophisticated threats.
Digital Shadows named one of the “20 Cybersecurity Startups To Watch In 2016” with its recent funding and all-star security executives.
Southern Fried Security hosts Episode 174 on the topic of threat intelligence, and discusses the Digital Shadows funding round and what this means for the market.
Tech City News: Over $120m UK investment, Tech Nation Report, Amsterdam in the spotlight & more in your week in tech
Cybersecurity startup Digital Shadows has closed a $14m series B round.
Over in the U.K., B2B Software-as-a-Service company Digital Shadows announced Tuesday (Feb. 9) that it secured $14 million in funding.
A UK-based company offers a new approach to cybersecurity monitoring for oil and gas and other industries.
Digital Shadows says it continuously monitors more than 100 million data sources in 27 languages to provide client organizations with an “attacker’s eye view” of their exposed data and risks...
UK cyber security startup Digital Shadows, which sells a SaaS service to businesses wanting to monitor and manage potential risks by keeping tabs on activity related to their digital footprint...
A London and San Francisco-headquartered startup that helps banks prevent cyber-attacks has raised new money from Silicon Valley investors, as financial institutions increase their focus on protecting against digital threats.
Business Insider: Digital Shadows has raised $14 million for its security platform that helps businesses monitor the darkest corners of the internet
Digital Shadows has raised $14 million for its security platform, bringing total investment in the company to $22 million.
Computer Business Review: UK cybersecurity start-up Digital Shadows raises $14m to expand data analytics tool
Digital Shadows has announced that it has closed a Series B funding round of $14m.
Tech City News: Cybersecurity startup Digital Shadows closes $14m funding round led by Trinity Ventures
Cybersecurity startup Digital Shadows has closed a $14m Series B funding round led by Trinity Ventures.
In these uncertain times, Digital Shadows looks determined to buck the trend and announces $14m series B funding led by Trinity Ventures.
City A.M.: London Fintech startup Digital Shadows raises $14m from Trinity Ventures, Paladin Capital and existing investors
One of London’s up and coming fintech startups Digital Shadows has landed $14m of new funding from venture capital investors.
“Britain has always been a buyer of cybersecurity, never a creator – until now.”
Government plans to support UK security start-ups have been welcomed as a crucial support mechanism for UK industry.
As security professionals, it’s our job to enable business while protecting it; embracing social media is an imperative, but we also need to mitigate the exploitation of what our organizations...
Digital Shadows named as a Bloomberg Business Top Innovator of 2016, a new initiative from Bloomberg to champion and showcase 50 of the UK’s most exciting breakthrough companies.
Former analyst Rick Holland outlines what he sees as the future of threat intelligence in his new role at threat intel provider Digital Shadows.
When planning an attack, criminals study their target victims looking for the weakest links. We should be learning what they do.
Predictions describe a set of events that will or are highly likely to happen in the future; they connote a degree of inevitability.
Entrepreneurs have been ramping up their workforces as they try to make a name on the world stage. Alastair Paterson talks to the Sunday Times about Digital Shadows' success in 2015.
Cyber situational awareness shifts from only delivering generic threat intelligence that informs, to also delivering specific information to defend against adversaries launching targeted attacks against an organization or individual(s) within...
James Chappell, CTO and Co-Founder, discusses the targeting of retailers' loyalty card schemes.
Digital Shadows offer predictions for security threats in 2016.
James Chappell, Chief Technology Officer and Co-Founder at Digital Shadows, discusses how organizations can exploit the digital shadows their adversaries cast.
Our vulnerability online has quickly become the top concern of British consumers, and it’s totally justified. James Chappell, CTO and Co-Founder of Digital Shadows, talks to the Memo.
Security experts say the vulnerabilities of "Internet of Things" devices such as fitness bands, smartwatches, drones and connected appliances could be exploited as consumers adopt these products for the holiday season.
The Dark Web’s sinister allure draws outsized attention, but time-strapped security teams would benefit from knowing what's already circulating in places they don't need Tor or I2P to find.
More than one IT security expert has warned CISOs need to be proactive to thwart cyber attacks before they get started rather than be play defence.
The adversary also casts a shadow similar to that of private and public corporations. These ‘shadows’ can be used to better understand the threat you face.
Digital Shadows, which operates a search engine for services running on Tor and other deep web networks, also had records of Moneybookers accounts for sale as far back as 2010...
From the right to be forgotten to preventative techniques, Aleks Krotoski talks to CEO Alastair Paterson and examines how businesses and individuals can take control back when it comes to...
James Chappell, CTO of Digital Shadows, talked to Byron Acohido of ThirdCertainty about how attackers use Twitter.
Not a day goes by without another cyber attack being reported: in December Sony Pictures was hacked; in August hackers released the personal information of 37 million users of infidelity...
What's lacking in many organisations' cyber-defences is cyber-situational-awareness that provides a more holistic and specific view of threats and vulnerabilities relevant to your organisation says Alastair Paterson.
It was expected that Ashley Madison customers might be being extorted following the site's data breach, and this is indeed now happening according to cyber-security company, Digital Shadows.
Alastair Paterson, CEO of Digital Shadows, writes in Infosecurity magazine about the rise of the Internet of Things, the opportunities and risks to business.
The conventional wisdom among SMB owners who do not handle a lot of very confidential or sensitive data is that they will not be targets of cybercriminals.
Alastair Paterson and James Chappell talk to Real Business about how their different approach to cyber security may be the UK's needed solution.
Digital Shadows analysts found DrXanax, who did indeed appear to ship from Canada, was just one of many vendors offering replicas of Xanax…in Tor-based marketplaces, including two of the biggest:...
Security intelligence is a hot buzzword in the modern IT marketplace, but it's a term that means different things, depending on the vendor and the context.
Key features: empowers customers to achieve an "attacker’s eye view" of their organizations with cyber situational awareness, including new cybercrime capabilities, attacker activity trending, and extended reporting and search.
Although many of the security risks posed by IoT devices are localized -- attacks on a single home or a public access point -- local attacks can have larger consequences
Attackers are strangers, visitors from the unknown. Digital Shadows knows how to unmask them.
A cybercriminal group going by the name “DD4BC” is blackmailing financial institutions, threatening to take down their customer websites unless they pay a hefty bitcoin ransom.
Alastair Paterson discusses how cyber situational awareness can help protect against cyber-attacks, loss of intellectual property and loss of brand and reputational integrity.
The Ashley Madison breach has been a Christmas-in-August present for spammers and scammers of all kinds, and your company could be the next target.
Barclays Plc is hacking its own computer systems to stay a step ahead of the criminals.
Digital security is booming and attracting more British entrepreneurs. The Sunday Times looks at the companies that hope to become world leaders.
Looking at your organization from the outside in helps you understand who is likely to attack, why, how and where.
New government business adviser says Britain will easily surpass Silicon Valley in finance technology.
Listen to the TechCityInsider interview with Alastair Paterson, Digital Shadows CEO.
When we go online to tweet, post, like, email or chat we surrender small pieces of our identity as we do so - a surname here, a nickname there, the...
Office space Level39 in Canary Wharf is the biggest hub of fintech talent in London, and possibly the world.
The Telegraph: Ashley Madison hack – more than one million British adulterers could be at risk of blackmail
Warnings that hackers could blackmail individuals, as the threat of class action suits hits the website that encourages cheating.
Dismissing the existence of "The Impact Team", the name given by the Ashley Madison hackers, McAfee claimed there was only one person involved in the attack.
Millions of users of the infidelity website may have good reason to be worried as cybercrime experts warn that ‘Impact Team’ may be focused on blackmail.
A Canadian company that runs an adultery website with 37 million user profiles has been hacked by a group that says it has stolen private information, including names, nude photos...
The adultery website Ashley Madison has been hacked. Hackers stole large caches of data, including, it seems, information about users who paid to have their data deleted.
Millions of people who used the "have an affair" website Ashley Madison faced exposure Monday after a breach by hackers seeking to shut it down.
While the breach at the Italian spyware firm shines a light on the shadowy world of surveillance technology, it has also made the Web a much more dangerous place, giving...
A new report from The Ponemon Institute reveals that security staff spend a significant portion of their time chasing up 'false positive' malware alerts, with faulty cyber-intelligence to blame.
Digital Shadows hunts through the deep, dark web for the hidden threats that could topple global businesses.
The battle to prevent the leak of IP to the web is often lost. Managing a company’s ‘digital shadow’ is now the priority, explains James Chappell.
Digital Shadows and Growth Intelligence, both Level39 and High Growth Space members, started off in humble beginnings – small teams, small spaces but big ideas.
Financial News’s annual Fintech 40 list represents a snapshot of the industry, and the changes this year speak volumes for the growth of the sector across Europe during the past...
Digital Shadows, the Level39 and High Growth Space member, scooped the Europa award for ‘Best Cybersecurity Startup’ at last week’s awards ceremony.
Digital Shadows CTO James Chappell discusses how to use big data and data analytics to stay ahead of attackers.
Digital Shadows received the Europa award for ‘Best Cybersecurity Startup’ at the recent European Tech Start-Up Awards. Thanks to everyone who voted for us!
Digital Shadows have been named in Informilo's list of 'Top 25 Hottest London Start-ups' for 2015. Read the full article here
Founded in 2011, cyber security intelligence startup Digital Shadows has created a big data analytics and threat intelligence platform that monitors sensitive information in cloud, mobile and social networking services.
The CTO of tech start-up Digital Shadows has spoken about the dangers of leaving the EU for UK businesses.
To help financial companies thwart attacks, Digital Shadows is taking the offensive.
Alastair Paterson, CEO of Digital Shadows, was named on Inc.com among the list of 10 'Tech Genuises' who are working to protecting peoples' digital lives.
Digital Shadows were recently featured on Inc.com. The article describes how we "monitor the web for scams" and "keep tabs on the world's hacker groups, mapping their attacks for their...
Digital Shadows CEO, Alastair Paterson, spoke to Forbes about the recent headlines surrounding the Evolution marketplace.
James Ashton spoke with James Chappell, CTO and co-founder of Digital Shadows, to discuss how London security start-ups are leading the world in the war against massive financial data heists.
Digital Shadows are proud to be named in Informilo's list of Top 25 EMEA Start-Ups To Watch In 2015.
Dan Raywood, editor of IT Security Guru, tasked Digital Shadows to unearth his digital footprint. He added "What I wanted to learn about in this instance was how big my...