News & Insights

What does complete failure smell like at Shadowserver?

August 15, 2015
In any corporation there is a fine line between success and failure.  Part of that is how each one is dealt with.  We at Shadowserver are as proud of our successes as we are of our failures.  We try to be upfront when something breaks and explains what occurred.  We failed completely at that this time as well.

The Italian Connection: An analysis of exploit supply chains and digital quartermasters

August 10, 2015
On July 5, 2015 an unknown hacker publicly announced on Twitter that he had breached the internal network of Hacking Team - an Italian pentesting company known to purchase 0-day exploits and produce their own trojans. The hacker proceeded to leak archives of internal Hacking Team tools and communications.

How do you dispose of a Petabyte of disks?

July 9, 2015
With the advent of massive inexpensive storage also comes the issue of the disposal of that storage when it inevitably fails on you, usually taking something valuable with each failure. Even the best of disks will fail eventually and at the end of the week you have a large steaming pile of disks that are no longer useful but cannot just be tossed into the rubbish bin.

Of Privacy, Security, and the Art of Scanning

June 23, 2015
With all the recent news and attention on world events the concept and concern around privacy has increased over the last several years.  There seems to be a lot of confusion around the concepts of privacy and security.  It has been developing that many people and organization attempting to promote privacy are considering them synonymous.  In reality, they are two separate issues that can work together or may be mutually exclusive.

You have Mail!

December 19, 2014
Whelp, there it happens again.  It seems that our filters blew up again and everyone is receiving a much larger set of data than normal.

In the Service of National CERT's

December 11, 2014
Our goal as always has been to get data about infected, compromised or abuse-able hosts to the network owners as efficiently as possible.  The most consistent and effective vehicle for that is using National CERT's.  In many ways they are the gateway to the rest of the networks of a country.

Of Scannings and Statistics

August 22, 2014
We have been engaged in scanning of the internet for its better health for over a year (we started with a few, then grew to a dozen).  The decreases in abusable systems has dropped significantly in several areas.  We have also had an inadvertent effect of identifying networking misconfiguration on many networks which has helped improve the stability and security of those organizations.

Gameover Zeus & Cryptolocker

June 8, 2014
On Monday June 2nd 2014, the US Department of Justice announced an ongoing operation to take down the infamous Gameover Zeus and CryptoLocker cybercrimal botnet infrastructures. "Operation Tovar" is a joint effort between international law enforcement agencies, such as the FBI, UK NCA and Europol/EC3, plus multiple private partners.

A bit too much DNS Data in Open Resolver Report from 2014-05-22

May 23, 2014
While this has been communicated via e-mail to most of our report recipients, we wanted to make a quick note on our blog regarding the Open Resolver report that recently went out dated 2014-05-22. Please disregard the DNS openresolver data from this data. It lists all DNS servers, not only the ones that are open resolvers.

Houston, we have a problem

March 29, 2014
Reporting has been fixed and all data going out in the reports again.