#CactusCon #LockBit #Ransomware
Group-IB at CactusCon ๐ต
Want to learn more about the latest operations of LockBit ransomware? Join Track 3 of the CactusCon, the largest annual hacker and security conference in Arizona, on Feb. 5. Group-IBโs head of DFIR team, Oleg Skulkin, will talk about LockBitโs TTPs and custom tools.
Save your spot now: https://www.eventbrite.com/e/cactuscon-10-tickets-161667538961
Group-IB at CactusCon ๐ต
Want to learn more about the latest operations of LockBit ransomware? Join Track 3 of the CactusCon, the largest annual hacker and security conference in Arizona, on Feb. 5. Group-IBโs head of DFIR team, Oleg Skulkin, will talk about LockBitโs TTPs and custom tools.
Save your spot now: https://www.eventbrite.com/e/cactuscon-10-tickets-161667538961
#cloud #email #phishing #cybersecurity
Cleaning the atmosphere: Weak points in modern-day corporate email security
In 26% of incidents investigated by Group-IBโs Digital Forensics Lab, company infrastructure was infected with ransomware through phishing links. According to Verizon, most malware is still delivered by email, with 46% of companies having been attacked almost exclusively via email in 2020, while social engineering was conducted via email 96% of the time. With so many companies and organizations having sped up adopting remote work practices recently, the situation is bound to worsen.
In a new blog post by Ilya Pomerantsev, a product analyst at Group-IBโs Network Security Department, we examine three real-life attacks attempted via corporate email, all of which were detected and stopped by Group-IBโs cloud email protection system Atmosphere.
Weโll take a look at how cybercriminals bypass:
๐นsender verification
๐นemail security solutions by using an attachment in a non-standard file format
๐นa sandbox using an office document
Check it out -> https://bit.ly/3HxfZ2j
Cleaning the atmosphere: Weak points in modern-day corporate email security
In 26% of incidents investigated by Group-IBโs Digital Forensics Lab, company infrastructure was infected with ransomware through phishing links. According to Verizon, most malware is still delivered by email, with 46% of companies having been attacked almost exclusively via email in 2020, while social engineering was conducted via email 96% of the time. With so many companies and organizations having sped up adopting remote work practices recently, the situation is bound to worsen.
In a new blog post by Ilya Pomerantsev, a product analyst at Group-IBโs Network Security Department, we examine three real-life attacks attempted via corporate email, all of which were detected and stopped by Group-IBโs cloud email protection system Atmosphere.
Weโll take a look at how cybercriminals bypass:
๐นsender verification
๐นemail security solutions by using an attachment in a non-standard file format
๐นa sandbox using an office document
Check it out -> https://bit.ly/3HxfZ2j
#email #security #test
Test your email security with 40+ attack simulations based on real incidents observed by Group-IB. See how you can improve your email protection with our automated security assessment tool โ Group-IB Trebuchet.
โ Itโs free. Absolutely free.
โ Itโs safe. All malware samples were modified to prevent access for attackers.
โ Itโs confidential. We do not harvest your data.
โ Itโs easy to use. All you need is a separate mailbox within your corporate domain, where Trebuchet will send 40+ emails representing real-life attack scenarios.
โ Itโs actionable. You will see the gaps in your existing email security straight away.
Test your email defenses now -> https://bit.ly/3uvVwqJ
Test your email security with 40+ attack simulations based on real incidents observed by Group-IB. See how you can improve your email protection with our automated security assessment tool โ Group-IB Trebuchet.
โ Itโs free. Absolutely free.
โ Itโs safe. All malware samples were modified to prevent access for attackers.
โ Itโs confidential. We do not harvest your data.
โ Itโs easy to use. All you need is a separate mailbox within your corporate domain, where Trebuchet will send 40+ emails representing real-life attack scenarios.
โ Itโs actionable. You will see the gaps in your existing email security straight away.
Test your email defenses now -> https://bit.ly/3uvVwqJ
#cybersecurity #antifraud #FHP
Group-IB teams up with Ingenuous
Group-IB has partnered with Ingenuous, a Melbourne-based financial crime prevention company. Group-IBโs flagship product for financial organizations, eCommerce, and government portals, Fraud Hunting Platform (FHP) now becomes available through Intuition by Ingenuous. Group-IB FHP guards more than 250 mln users of both web resources and mobile apps around the world against bot activity, account takeover, fake merchant, malware attacks and other types of fraud.
Ingenuousโs management team has more than 25 years of experience and a proven track record in developing, implementing, and supporting financial crime prevention solutions for the financial sector, insurance, eCommerce, telecom, and government companies across the region. A new partnership between Ingenuous and Group-IB delivers local companies a new level of real-time, enterprise fraud hunting across web and mobile channels.
More details here: https://bit.ly/3rDNuKQ
Group-IB teams up with Ingenuous
Group-IB has partnered with Ingenuous, a Melbourne-based financial crime prevention company. Group-IBโs flagship product for financial organizations, eCommerce, and government portals, Fraud Hunting Platform (FHP) now becomes available through Intuition by Ingenuous. Group-IB FHP guards more than 250 mln users of both web resources and mobile apps around the world against bot activity, account takeover, fake merchant, malware attacks and other types of fraud.
Ingenuousโs management team has more than 25 years of experience and a proven track record in developing, implementing, and supporting financial crime prevention solutions for the financial sector, insurance, eCommerce, telecom, and government companies across the region. A new partnership between Ingenuous and Group-IB delivers local companies a new level of real-time, enterprise fraud hunting across web and mobile channels.
More details here: https://bit.ly/3rDNuKQ
#Ransomware #DFIR #threathunting
Group-IB Threat Hunting Day APAC
Want make your threat hunting operations more efficient?
Tune in to the Threat Hunting Day on March 17 for:
๐A deep dive into ransomware threat landscape
๐A complete breakdown of modern TTPs used by threat actors based on real-world attack scenarios
๐Live demonstration of how to use actionable intelligence to respond to a human-operated ransomware attack in the first stages of its lifecycle
Register here โก๏ธ https://bit.ly/3gMOhTj
Group-IB Threat Hunting Day APAC
Want make your threat hunting operations more efficient?
Tune in to the Threat Hunting Day on March 17 for:
๐A deep dive into ransomware threat landscape
๐A complete breakdown of modern TTPs used by threat actors based on real-world attack scenarios
๐Live demonstration of how to use actionable intelligence to respond to a human-operated ransomware attack in the first stages of its lifecycle
Register here โก๏ธ https://bit.ly/3gMOhTj
#Ransomware
Top 5 recommendations for preventing ransomware
With ransomware attacks on the rise, companies need to take a proactive approach to security. Group-IB has put together a list of actionable tips to help you protect your organization from the ransomware threats in 2022.
Check this out: https://bit.ly/34LeUWu
Top 5 recommendations for preventing ransomware
With ransomware attacks on the rise, companies need to take a proactive approach to security. Group-IB has put together a list of actionable tips to help you protect your organization from the ransomware threats in 2022.
Check this out: https://bit.ly/34LeUWu
#CyberPeaceBuilders #Cybersecurity #Volunteers
Group-IB joins the CyberPeace Institute CyberPeaceBuilders' community!
The CyberPeace Builders program members are all volunteers recruited from international companies. The program provides industry-grade expertise to NGOs to understand cyberthreats, to strengthen internal capabilities and up-skill staff to increase their resilience to cyberthreats.
Nick Palmer, head of global business at Group-IB: โThe CyberPeace Builders program is something that aligns closely with Group-IBโs mission of investigating and researching cybercrime while helping those they pray on. This initiative will allow Group-IB experts to devote their time as the see fit to help in this mission.โ
What does volunteering to be a CyberPeace Builder involve?
๐นBuilders are asked to volunteer approx 40 hrs p/year
๐นBuilders activities are broken down into small tasks of a few hours maximum.
๐นBuilders select the units of work they can do depending on their availability and skills.
๐นBuilders use available resources such as online tools and pre-existing materials that can be applied to different cybersecurity needs and to deliver services.
More about the CyberPeaceBuilders community: https://cyberpeaceinstitute.org/cyberpeacebuilders/
Group-IB joins the CyberPeace Institute CyberPeaceBuilders' community!
The CyberPeace Builders program members are all volunteers recruited from international companies. The program provides industry-grade expertise to NGOs to understand cyberthreats, to strengthen internal capabilities and up-skill staff to increase their resilience to cyberthreats.
Nick Palmer, head of global business at Group-IB: โThe CyberPeace Builders program is something that aligns closely with Group-IBโs mission of investigating and researching cybercrime while helping those they pray on. This initiative will allow Group-IB experts to devote their time as the see fit to help in this mission.โ
What does volunteering to be a CyberPeace Builder involve?
๐นBuilders are asked to volunteer approx 40 hrs p/year
๐นBuilders activities are broken down into small tasks of a few hours maximum.
๐นBuilders select the units of work they can do depending on their availability and skills.
๐นBuilders use available resources such as online tools and pre-existing materials that can be applied to different cybersecurity needs and to deliver services.
More about the CyberPeaceBuilders community: https://cyberpeaceinstitute.org/cyberpeacebuilders/
#Award #Cybersecurity
Group-IB wins 8 Gold Cybersecurity Excellence Awards 2022
๐ฅGroup-IB has been named a Gold winner by the Cybersecurity Excellence Award 2022 in the category "Best Cybersecurity Company" in Asia! Additionally, Group-IBโs products and services received Gold across 7 categories.
More details here: https://bit.ly/3gZFAoL
Group-IB wins 8 Gold Cybersecurity Excellence Awards 2022
๐ฅGroup-IB has been named a Gold winner by the Cybersecurity Excellence Award 2022 in the category "Best Cybersecurity Company" in Asia! Additionally, Group-IBโs products and services received Gold across 7 categories.
More details here: https://bit.ly/3gZFAoL
#Vietnam #Webinar #Ransomware #DFIR
Hi-Tech Crime Trends in Vietnam in 2022
Want to learn more about the current financial and ransomware threat landscape in Vietnam? Join Group-IB's webinar on March 24 where our local DFIR expert, Nam Le Phuong, will give an insight into the latest cybersecurity risks in Vietnam and ways to mitigate them.
Register here: https://bit.ly/3IHSW5t
Hi-Tech Crime Trends in Vietnam in 2022
Want to learn more about the current financial and ransomware threat landscape in Vietnam? Join Group-IB's webinar on March 24 where our local DFIR expert, Nam Le Phuong, will give an insight into the latest cybersecurity risks in Vietnam and ways to mitigate them.
Register here: https://bit.ly/3IHSW5t
#ransomware #threatintelligence #webinar #APAC
Group-IB Threat Hunting Day in APAC
Join us as we explore the latest ransomware threat landscape. Our threat hunting expert, Oleg Skulkin, will share a live demonstration of using actionable threat intelligence to respond to a human-operated ransomware attack in the first stages of its lifecycle.
Register now: https://bit.ly/3I2ESCs
Group-IB Threat Hunting Day in APAC
Join us as we explore the latest ransomware threat landscape. Our threat hunting expert, Oleg Skulkin, will share a live demonstration of using actionable threat intelligence to respond to a human-operated ransomware attack in the first stages of its lifecycle.
Register now: https://bit.ly/3I2ESCs
#AssetZero #EASM
Meet Group-IB AssetZero!
We are proud to present our new product AssetZero, an intelligence-driven attack surface management (EASM) solution. Never before has AssetZero been in greater need.
๐ปAs digital footprints and the complexity of IT infrastructures continue to grow, maintaining a complete and up-to-date asset inventory is becoming relevant as never before. In 2021, over 50% of Group-IBโs DFIR cases stemmed from a preventable, perimeter-based security error.
๐ปUnmanaged assets that create security risks include forgotten cloud instances running vulnerable software, open ports, misconfigured databases exposed to the open web, or web servers that were deployed without being added to official asset inventories. Such assets open doors for cybercriminals.
To help companies manage these critical but avoidable flaws, we created AssetZero. It is a fully cloud-based SaaS solution designed to discover, assess, and help manage your internet-facing assets in real time via all-in-one interface.
AssetZero leverages the full breadth and depth of Group-IBโs threat hunting and intelligence gathering ecosystem by:
โ continuously discovering all external-facing IT assets
โ identifying potential vulnerabilities
โ assessing risk using Group-IB Threat Intelligence & Attribution insights
โ prioritizing issues for remediation
โ enabling measurable improvements to security posture.
Watch the video for more insights!
Meet Group-IB AssetZero!
We are proud to present our new product AssetZero, an intelligence-driven attack surface management (EASM) solution. Never before has AssetZero been in greater need.
๐ปAs digital footprints and the complexity of IT infrastructures continue to grow, maintaining a complete and up-to-date asset inventory is becoming relevant as never before. In 2021, over 50% of Group-IBโs DFIR cases stemmed from a preventable, perimeter-based security error.
๐ปUnmanaged assets that create security risks include forgotten cloud instances running vulnerable software, open ports, misconfigured databases exposed to the open web, or web servers that were deployed without being added to official asset inventories. Such assets open doors for cybercriminals.
To help companies manage these critical but avoidable flaws, we created AssetZero. It is a fully cloud-based SaaS solution designed to discover, assess, and help manage your internet-facing assets in real time via all-in-one interface.
AssetZero leverages the full breadth and depth of Group-IBโs threat hunting and intelligence gathering ecosystem by:
โ continuously discovering all external-facing IT assets
โ identifying potential vulnerabilities
โ assessing risk using Group-IB Threat Intelligence & Attribution insights
โ prioritizing issues for remediation
โ enabling measurable improvements to security posture.
Watch the video for more insights!
Group-IB
External Attack Surface Management Solution | Group-IB Cybersecurity Products & Services
Attack Surface Management from Group-IB discovers all your external assets to uncover hidden risks like shadow IT and misconfigurations. Check it out!
๐1
Lost & Found: Discover Your External Attack Surface with AssetZero
๐From the IPv4 space and beyond to the deep and dark web, AssetZero maps out the Internet in its entirety. In yet another key differentiator, AssetZero's findings are augmented with Group-IB cyber threat intelligence data, including malware analysis, deep & dark web activity, credential dumps, and botnet logs.
๐All of the identified assets are displayed in a graphing analysis that shows how these services and resources are interconnected, making it easy to see which assets are linked and how.
๐After all external IT assets are discovered and inventoried, AssetZero identifies those that may be potential attack vectors, assigns a risk score to each issue, and prioritizes remediation tasks with threat intelligence insights.
All the data is available via an easy-to-use portal and dashboards that help to manage issues and prioritize risks.
๐Check out our latest blog post to learn more about the superior capabilities of Group-IB AssetZero!
๐From the IPv4 space and beyond to the deep and dark web, AssetZero maps out the Internet in its entirety. In yet another key differentiator, AssetZero's findings are augmented with Group-IB cyber threat intelligence data, including malware analysis, deep & dark web activity, credential dumps, and botnet logs.
๐All of the identified assets are displayed in a graphing analysis that shows how these services and resources are interconnected, making it easy to see which assets are linked and how.
๐After all external IT assets are discovered and inventoried, AssetZero identifies those that may be potential attack vectors, assigns a risk score to each issue, and prioritizes remediation tasks with threat intelligence insights.
All the data is available via an easy-to-use portal and dashboards that help to manage issues and prioritize risks.
๐Check out our latest blog post to learn more about the superior capabilities of Group-IB AssetZero!
๐ฅ3๐2
#CERTfin #Italy #ABIlab #threatintelligence #cybersecurity
Group-IB to support CERTFin in guarding Italian financial sector
Group-IB has become a technological partner and cybersecurity advisor to ABI Lab, the Italian research and innovation centre for the banking sector comprising of 120 Banks and 70 ICT companies, promoting the innovation and digitalisation of the whole Italian financial and insurance backbone.
Due to its battle-tested competence and experience in disrupting cybercrime in more than 60 countries, Group-IB was also selected as a provider of cyber threat intelligence for CERTFin. Led by the Bank of Italy, ABI (Italian Banking Association) and run by ABI Lab, CERTFin acts as a central hub for the exchange of operational and strategic information about cyber threats for Italyโs entire financial sector.
Leveraging its trademark Threat Intelligence & Attribution system, used by Europeโs leading banks, Group-IB will be entrusted with providing CERTFin with insights into:
๐phishing and scam campaigns carried out by cybercriminals
๐attempts to sell data stolen from local financial institutions,
๐sudden interest in purchasing accesses to potentially compromised networks
๐insight on current threats and dark web trends which could jeopardise the operations of the entities supported by CERTFin
For more details โก๏ธ https://bit.ly/3D4i8RH
Group-IB to support CERTFin in guarding Italian financial sector
Group-IB has become a technological partner and cybersecurity advisor to ABI Lab, the Italian research and innovation centre for the banking sector comprising of 120 Banks and 70 ICT companies, promoting the innovation and digitalisation of the whole Italian financial and insurance backbone.
Due to its battle-tested competence and experience in disrupting cybercrime in more than 60 countries, Group-IB was also selected as a provider of cyber threat intelligence for CERTFin. Led by the Bank of Italy, ABI (Italian Banking Association) and run by ABI Lab, CERTFin acts as a central hub for the exchange of operational and strategic information about cyber threats for Italyโs entire financial sector.
Leveraging its trademark Threat Intelligence & Attribution system, used by Europeโs leading banks, Group-IB will be entrusted with providing CERTFin with insights into:
๐phishing and scam campaigns carried out by cybercriminals
๐attempts to sell data stolen from local financial institutions,
๐sudden interest in purchasing accesses to potentially compromised networks
๐insight on current threats and dark web trends which could jeopardise the operations of the entities supported by CERTFin
For more details โก๏ธ https://bit.ly/3D4i8RH
Group-IB
Group-IB to support CERTFin to guard Italian financial sector
Group-IB, one of the global cybersecurity leaders headquartered in Singapore, has recently become a technological partner and cybersecurity advisor to ABI Lab, the Italian research and innovation centre for the banking sector comprising of 120 Banks and 70 ICTโฆ
๐ฅ7๐2โค1
#Scam #Singapore #DRP
Group-IB unveils three groups of fraudsters behind delivery scams in Singapore
Delivery scams in Singapore are on the rise. Since August 2021, more than 93 victims had fallen prey to such scams, with losses amounting to at least $140,000, according to the Singapore Police Force.
In 2021, Group-IB Digital Risk Protection team identified close to 150 domains mimicking postal brands from Singapore. Further research revealed three groups of scam actors utilising distinct scripts, distribution channels, and infrastructure for their fraudulent operations:
๐Group 1 demonstrated a scam alert that said "Phishing websites impersonating SingPost are using fake said notices and text messages to extract personal data"
๐Group 2 delivered a Trojan through their scam websites
๐Group 3 figured out a way to bypass OTP verification
Check out our fresh blog post to learn more โก๏ธ https://bit.ly/3JOFf53
Group-IB unveils three groups of fraudsters behind delivery scams in Singapore
Delivery scams in Singapore are on the rise. Since August 2021, more than 93 victims had fallen prey to such scams, with losses amounting to at least $140,000, according to the Singapore Police Force.
In 2021, Group-IB Digital Risk Protection team identified close to 150 domains mimicking postal brands from Singapore. Further research revealed three groups of scam actors utilising distinct scripts, distribution channels, and infrastructure for their fraudulent operations:
๐Group 1 demonstrated a scam alert that said "Phishing websites impersonating SingPost are using fake said notices and text messages to extract personal data"
๐Group 2 delivered a Trojan through their scam websites
๐Group 3 figured out a way to bypass OTP verification
Check out our fresh blog post to learn more โก๏ธ https://bit.ly/3JOFf53
๐1