21 Dec 2018

Most Popular Security Blog Topics of 2018

by Michael Marriott - Digital Shadows Senior Strategy & Research Analyst

It’s been a busy year for the Digital Shadows blog, with almost 150 blogs published since January 1. We share some of the most popular security blogs and themes for this year.

US-CERT Draws on Digital Shadows Research

It’s been a pleasure to have had our blogs featured in a couple of US-CERT alerts. First, in July, we released research on the growing threats to ERP (Enterprise Resource Planning) Applications, which led to a US-CERT alert, Malicious Cyber Activity Targeting ERP Applications, on the same topic.

Second, in October, our advice for securing PowerShell was referenced in US-CERT’s note on how five publicly available tools have been used for malicious purposes. You can read the full advisory here: Publicly Available Tools Seen in Cyber Incidents Worldwide.

MITRE ATT&CK Grows in Popularity

The MITRE ATT&CK framework, which provides a common vocabulary for how to talk about threat intelligence, has grown significantly in popularity and adoption in 2018. Drawing on the many indictments unsealed in 2018, we have published numerous blogs that map public indictments to the MITRE ATT&CK framework, including those against GRU for interference in the 2016 US election, FIN7, FSB, and a North Korea Programmer. If you’re tired of reading, check out a podcast we recorded with Katie Nickels, the MITRE ATT&CK Threat Intelligence Lead, on this topic.

Mapping these indictments to the MITRE ATT&CK framework is useful, but it’s also important to map these to our defences. That’s why we pulled all of these assessments together and mapped them to the ASD Essential 8, helping to understand how we can best mitigate many typical adversary behaviours.

Alarming Amount of Data Exposed

Unsurprisingly, 2018 was yet another year with eye-watering amounts of data exposed, with 4.5 billion breached records in the first half of 2018. This was most recently demonstrated through the breach of 500 million Marriott records.

While some data is exposed through intrusions, a staggering amount of information is already inadvertently exposed through employees and third parties. Our “Too Much Information” research discovered over 1.5 billion files from a host of services, including Amazon S3 buckets, Rsync, SMB, FTP, NAS drives, and misconfigured websites. Almost all countries are affected, but the United States experienced the most exposure with 239,607,590 files.

There’s plenty more to come in 2019, so watch this space.

Source: Digital Shadows