#attacksurfacemanagement #cybersecurity
Attack Surface Expansion was recently named by Gartner as the №1 cybersecurity trend for 2022. Let’s take a look at why this is the year’s top trend.
▪️What exactly is attack surface expansion?
Businesses are experiencing massive growth in their digital footprints, with a near-constant deployment of new domains, websites, IP addresses, and more. Each of these new Internet-facing IT assets is a part of the attack surface.
▪️Why is attack surface expansion the №1 trend this year?
Attack surface expansion is making it hard to maintain a complete & up-to-date inventory of all external assets. If some assets are not inventoried and managed, they present serious risks. Addressing this challenge is a top priority.
▪️How does Group-IB Attack Surface Management help?
Group-IB ASM continuously discovers all of your external assets to uncover shadow IT and other hidden risks, identifies potential vulnerabilities, assesses risk using Group-IB Threat Intelligence data, and prioritizes issues for remediation so you can proactively improve security posture.
Learn more about the solution here👈
#cybersecurity #advice
What scammers want is to steal your personal data or money. Let's not make it easy for them. We have prepared a set of recommendations to help you recognize scams and know what to do. Check them out!
#ransomware #Hive
Here's a good example of cybersecurity researchers working together. A researcher named reecDeep has released the Hive ransomware V5 keystream decryption tool, with help from Andrey Zhdanov, Chief Malware Analyst and Threat Hunter at Group-IB.
Andrey has analyzed previous versions of Hive and published code and PoCs regarding their encryption mechanisms. He also helped identify the components involved in the encryption operations of Hive V5. You can check out the Hive V5 keystream decryptor here 👈
Hive affiliates have been busy as bees: the actual number of their victims is in the hundreds. Electronics retail giant MediaMarkt suffered a Hive ransomware attack with an initial ransom demand of $240 million. Can you imagine the amount of money the new decryptor for Hive V5 can save? This money could be spent on new solutions to protect against ransomware attacks or on cybersecurity education.
GitHub - reecdeep/HiveV5_keystream_decryptor: bad stuffs by bad guys
#Classiscam #phishing
The Classiscam scheme has been around for a long time and has significantly evolved since it first appeared. What do we know about it?
📍The scheme is currently popular in 64 countries in Europe, the CIS region, and the Middle East.
📍In total, more than 384 scam groups were found to be taking part in the scheme and using 169 brands including classifieds, delivery services, marketplaces, banks, and local businesses as part of their operations.
📍From April 2020 to February 2022, scammers who practiced this scheme made at least $29,500,000.
📍In total, investigators found about 2,000 topics on more than 60 specialized forums where threat actors were looking for workers to participate in phishing affiliate programs.
Want to learn more about this scheme? Check out our report "Demystifying Classiscam"👈
Don't forget that more than 70% of all cyberattacks start with the user. That's why it's vital to educate yourself in cybersecurity. Learn more⬅️
#cybersecurity #INTERPOL
Group-IB took part in INTERPOL's 9th Africa Working Group Meeting on cybercrime in Kigali, Rwanda.
Kristina Ivanova, Deputy Head of APAC High Tech Crime Investigation Department, provided an overview of threats within the African Region and discussed how Group-IB tracks down cybercrime in collaboration with INTERPOL and other law enforcement agencies.
We were honoured to receive an award from INTERPOL: Group-IB does its best to make the world a cyber safer place.
#MXDR #XDR #FightAgainstCybercrime
Imagine that you are the head of the information security team and you want to build a multi-layered defense system against cyberattacks at all levels. You are starting to set up your arsenal, including antivirus software, antispam system, NGFW, IDS/IPS, sandbox… when suddenly you are faced with three belated observations:
📌 Solutions from different vendors conflict with each other, but they must somehow be made to work together cohesively.
📌 You install a SIEM system, which collects reports on the solutions across the entire corporate infrastructure in one place, but it does not help detect modern attacks, no matter what correlation rules are written for this purpose.
📌 You decide to install an EDR solution, which collects telemetry data from hosts and provides greater correlation and threat hunting capabilities. Yet, many cyber threats continue to fly under the radar.
What can you do? Deploy Group-IB Managed XDR!
#MXDR #XDR #FightAgainstCybercrime
The "elite niche" in the cybersecurity market is now occupied by XDR (Extended Detection and Response) systems. This is a new category of solutions designed for the advanced detection, response and prevention of threats. Managed XDR helps analyze adversary activity, learn how to hunt for threats, and combat cybercrime — a mission worthy of a superhero.
Managed XDR will help you to:
▪️ Collect, correlate, and analyze data across various sources, giving security experts a powerful tool that continuously monitors all events that occur within the network and on each device, as well as external events that can pose a threat;
▪️ Make incident response much faster, which minimizes damage and quickly stops adversaries;
▪️ Detect the widest possible range of threats, from phishing to sophisticated targeted attacks, in a fully automated manner;
▪️ Provide 360-degree visibility and manageability across all security solutions in order to get the most out of each of them;
▪️ Conduct in-depth investigations into incidents from patient zero (the first infected device on the network) to any further attack propagation, which helps control all potential infection vectors in the infrastructure.
#MXDR #XDR #FightAgainstCybercrime
Want to learn more?
We have prepared this blog post to share with you, on behalf of Group-IB developers, what lies "under the hood" of the Group-IB Managed XDR system, what technology it uses, and what approach our cutting-edge solution applies. Let's go!
Want to see Managed XDR in action?
Simply request a demo by completing this form👈
What if I still don’t understand, but want to?
If you struggle to understand cybersecurity terms and Group-IB’s solutions but you really want to, we are always happy to help. Check out our educational courses: click on the link!
#phishing #CERT
📦 Group-IB has identified a widescale phishing campaign targeting users in the Middle East by impersonating well-known postal services.
Since as early as 2020, the Group-IB Computer Emergency Response Team (CERT-GIB) analysts have detected over 270 domains making use of the regional delivery and postal service brands. All the domains were part of a single massive phishing infrastructure. Scammers have impersonated over 13 different delivery brands, postal operators, and public companies from at least eight different countries, including Bahrain, Egypt, Israel, Jordan, Kuwait, Qatar, Saudi Arabia, and the United Arab Emirates.
In line with its mission of fighting cybercrime, upon discovery, CERT-GIB has sent notifications to relevant regional Computer Emergency Response Teams so they can take action when new resources appear.
#phishing #CERT
Using its patented Network Graph Analysis tool, Group-IB researchers were able to unveil the links between infrastructures used for attacks in the Middle East. These domains are short-lived by design to complicate detection; new websites are regularly created instead. According to Group-IB, the latest resource impersonating a Middle Eastern postal brand appeared on July 14, 2022.
How the scheme works:
▪️Customers awaiting an order may receive an email or an SMS from the national postal service requesting payment for a delivery or customs clearance fee.
▪️Following the link from the message, customers are redirected to a phishing page that requests their bank card details in order to process the payment.
▪️As soon as the customer submits the form, the sum of the "fee" is deducted from their bank account and transferred to cybercriminals, along with their bank card details.
Click here to learn more about the scheme and get recommendations on how to avoid being scammed 👈
#CERT #scam #fakes
The Group-IB Computer Emergency Response Team (CERT-GIB) has been investigating several fake investment schemes which are targeting European citizens. In the course of the research, a gigantic network infrastructure was uncovered and analyzed, which contained over 10,000 rogue resources, including similar fraudulent ones aimed at the inhabitants of the entire Eurasian continent and North America.
The main goal of these schemes is to convince the victims to repeatedly transfer funds to the fake investment portal. The victims are usually promised huge returns on their investments and are shown "how I got rich" stories featuring celebrities.
In our latest blog post we take a deeper dive into the fake investment schemes, showcase a couple of them including a conversation with the scammers that we managed to record, and provide recommendations for the users. Check it out👈