Skip to Content

Tag: Data Exposure

SolarWinds Compromise: What security teams need to know

The Cybersecurity and Infrastructure Security Agency (CISA) recently released an Emergency Directive reporting on a long-running supply-chain attack actively exploiting product updates by the IT management company SolarWinds.  Attackers were able to monitor SolarWinds’ network traffic and maintain persistence on affected systems and environments by leveraging trojanized versions of product updates. The campaign likely began […]

Help your development teams keep their keys safe

Modern development practices are a blessing and a curse for organizations. Efficiency gains delivered by distributed workforces, and blended in and out-sourced development teams require collaboration tools like online code repositories. But these tools increase the chance of mistakes and create another attack surface to monitor for security problems. Security teams need new tools to […]

Modern Software Development and DevSecOps: Despite security controls, data leaks persist

Quick Synopsis No matter how many software developers you employ, development processes or cultures (such as DevOps or DevSecOps) that you adopt, sensitive technical data such as code, credentials or security infrastructure can still be prone to online exposure.  In this blog, we walk you through how modern software development practices lead to technical leakage, […]

Reducing technical leakage: Detecting software exposure from the outside-in

Modern Development Practices Leads to Increased Exposure As customers, we can be a bit demanding when it comes to technology products. We want the latest products, features – or the most recent versions of those. We’re not stuck for choice though. Rather, our menu of technology products is always growing. These days, companies are all […]

Law Firm Uncovers Exposed Sensitive Details About Top Attorney Online

VIPs and executives who are critical to your company and brand can be targeted by threat actors or groups who exploit their personal information to cause financial, brand or reputational damage – or even physical harm. Law firms are among the targets for this type of criminal activity as they possess sensitive data that threat […]

81,000 Hacked Facebook Accounts for Sale: 5 Things to Know

This morning, the British Broadcasting Corporation (BBC) published an article detailing how online actors had obtained and advertised at least 81,000 Facebook user accounts for sale. Digital Shadows (now ReliaQuest) assisted the BBC with its investigation, which included verifying the dataset in question. With so much confusion around the origins of these accounts and the […]

Thedarkoverlord Out to KickAss and Cash Out Their Data

A user claiming to be the notorious darkoverlord extortionist threat actor has appeared on a dark web cybercriminal forum offering breached datasets for sale. In this blog, Digital Shadows (now ReliaQuest) analyzes whether this is a case of a copy-cat actor hoping to profit from thedarkoverlord name, or whether this marks a genuine return for […]

GAO’s Equifax Post-mortem Report

It’s common for the exciting and novel issues that confront security professionals on a daily basis to be hyped up. Very often the reporting and discussion focuses on 0day exploits, nation state actors, sophisticated intrusions and theoretical attack classes. The reality, however, is much more mundane. This point is driven home by the GAO (General […]

Security Analyst Spotlight Series: Heather Farnsworth

Organizations rely on Digital Shadows (now ReliaQuest) to be an extension of their security team. Our global team of analysts provide relevant threat research, much needed context, tailored remediation advice and managed takedown support to make our clients’ jobs easier and more efficient. Crucially, by having analysts within the intelligence and collection cycle, we’re able […]

Digital Shadows (now ReliaQuest) Contributes to Insider Threat Research

On July 30, Forrester published its latest research report on malicious insiders, Defend Your Data As Insiders Monetize Their Access. With research content provided by Digital Shadows (now ReliaQuest), the report details how insiders with valuable data or privileged access are using online forums and marketplaces to find buyers. At the same time, cybercriminals are […]