Most Popular Security Blog Topics of 2018
by Michael Marriott - Digital Shadows Senior Strategy & Research Analyst
It’s been a busy year for the Digital Shadows blog, with almost 150 blogs published since January 1. We share some of the most popular security blogs and themes for this year.
US-CERT Draws on Digital Shadows Research
It’s been a pleasure to have had our blogs featured in a couple of US-CERT alerts. First, in July, we released research on the growing threats to ERP (Enterprise Resource Planning) Applications, which led to a US-CERT alert, Malicious Cyber Activity Targeting ERP Applications, on the same topic.
Second, in October, our advice for securing PowerShell was referenced in US-CERT’s note on how five publicly available tools have been used for malicious purposes. You can read the full advisory here: Publicly Available Tools Seen in Cyber Incidents Worldwide.
MITRE ATT&CK Grows in Popularity
The MITRE ATT&CK framework, which provides a common vocabulary for how to talk about threat intelligence, has grown significantly in popularity and adoption in 2018. Drawing on the many indictments unsealed in 2018, we have published numerous blogs that map public indictments to the MITRE ATT&CK framework, including those against the GRU for interference in the 2016 US election, FIN7, and a North Korea Programmer. If you’re tired of reading, check out a podcast we recorded with Katie Nickels, the MITRE ATT&CK Threat Intelligence Lead, on this topic.
Mapping these indictments to the MITRE ATT&CK framework is useful, but it’s also important to map these to our defences. That’s why we pulled all of these assessments together and mapped them to the ASD Essential 8, helping to understand how we can best mitigate many typical adversary behaviours.
Alarming Amount of Data Exposed
Unsurprisingly, 2018 was yet another year with eye-watering amounts of data exposed, with 4.5 billion breached records in the first half of 2018. This was most recently demonstrated through the breach of 500 million Marriott records.
While some data is exposed through intrusions, a staggering amount of information is already inadvertently exposed through employees and third parties. Our “Too Much Information” research discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, Rsync, SMB, FTP, NAS drives, and misconfigured websites. Almost all countries are affected, but the United States experienced the most exposure with 239,607,590 files.
There’s plenty more to come in 2019, so watch this space.
Source: Digital Shadows