Until the 13th of July, 2021, things appeared to be going as expected with the threat actors behind REvil (AKA Sodinokibi) ransomware. Then, suddenly, the fairly public group vanished. With them disappeared their notorious “Happy Blog,” payment page, and other infrastructure that supported their ransomware and extortion operations. That same day, their primary representative was […]
Digital Shadows (now ReliaQuest)’ Photon Research Team recently released a comprehensive examination of the Analysis of Competing Hypothesis (ACH) method, in a full paper: Applying the Analysis of Competing Hypotheses to the Cyber Domain. Striving for analytical rigor in intelligence analysis is a given, but achieving it can be a challenge. To grease the […]
In November 2016, Tesco Bank suffered a series of fraud attacks that allowed cybercriminals to check out with £2.26m (roughly $3 million) in customer funds. Two years on, Dr Richard Gold and Simon Hall join Rafael Amado to discuss the UK Financial Conduct Authority’s (FCA) investigation into the attacks, which resulted in a fine of […]
Organizations rely on Digital Shadows (now ReliaQuest) to be an extension of their security team. Our global team of analysts provide relevant threat research, much needed context, tailored remediation advice and managed takedown support to make our clients’ jobs easier and more efficient. Crucially, by having analysts within the intelligence and collection cycle, we’re able […]
This time last year, we looked back at the blogs that caught our readers’ attention the most. In 2016, it was our Analysis of Competing Hypotheses of the Tesco Bank incident that reached the top of the pile. In 2017, it was yet another ACH that topped the Digital Shadows (now ReliaQuest) blog charts. WannaCry: […]
Following the furore of last month’s WannaCry ransomware attacks, Digital Shadows (now ReliaQuest) produced an Analysis of Competing Hypotheses (ACH) table to make some initial assessments on the type of actor most likely to have been responsible for the campaign. First and foremost, the ACH method was chosen as it allows us to assess the […]
On 12 May 2017, as the WannaCry ransomware spread across computer networks across the world, a variety of explanations also began to worm their way through the information security community. Who was responsible for the WannaCry campaign? And what was the objective? Ransomware suggested it was the work of cybercriminals, although, given the sheer scale […]
On November 6, 2016 multiple UK media outlets reported that the UK-based Tesco Bank had informed approximately 40,000 customers that fraudulent activity had been detected on their accounts between November 5 and 6, 2016. It was initially reported that approximately 20,000 of these accounts had been the victim of successful fraudulent transactions. However, it was […]