Threat Hunting in Action: Shadowfall

While investigating a popular class of exploits, RSA Research detected a common thread running through multiple campaigns. Continued research led to the identification of a massive domain-shadowing operation underpinning numerous campaigns and a significant cross-section of criminal infrastructure. Join the RSA Research team as they discuss what they discovered and how they discovered it.

Title: Threat Hunting in Action: Shadowfall
Type: On-Demand
Date: 28 Jun 2017
Duration: 1 hr


Kevin Stear

Threat Analysis Lead


Ray Carney

Technical Analysis Lead


In June 2017, RSA Research embarked on a cross-organizational effort against RIG Exploit Kit (RIG EK or just plain RIG), which led to insight into the operational infrastructure (and possibly the entire ecosystem), as well as significant discoveries related to domain shadowing.

Read the Blog Now