#GITEX #cybersecurity
Group-IB is at GITEX GLOBAL 2022, the Middle East’s largest technology exhibition! Make sure to meet our team at Spire Solutions stand, Hall 2 Stand H2-B1, to learn more about Group-IB’s full stack of threat hunting and intelligence solutions!
Group-IB also took part in the conference track of the event, as Principal Incident Response and Digital Forensics Analyst (MEA) Svetlana Ostrovskaya delivered a hugely insightful presentation detailing how Group-IB’s Compromise Assessment capabilities can help organizations discover the hidden threats in their network.
Group-IB is at GITEX GLOBAL 2022, the Middle East’s largest technology exhibition! Make sure to meet our team at Spire Solutions stand, Hall 2 Stand H2-B1, to learn more about Group-IB’s full stack of threat hunting and intelligence solutions!
Group-IB also took part in the conference track of the event, as Principal Incident Response and Digital Forensics Analyst (MEA) Svetlana Ostrovskaya delivered a hugely insightful presentation detailing how Group-IB’s Compromise Assessment capabilities can help organizations discover the hidden threats in their network.
👍7🔥6
#report #scam
As a founding partner of the Global Anti-Scam Alliance, Group-IB is committed to preventing scams and is continuously contributing to ScamAdviser.com reports in order to raise awareness and make the world a cyber safer place. In a new report titled The Global State of Scams - 2022, Group-IB's Head of Digital Risk Protection in Europe Dmitriy Tiunkin shares insights into scams and trends that are expected to emerge in the future.
Check out the full report👈
If you would like to learn more about Group-IB's approach to protecting against scams, check out our website👈
As a founding partner of the Global Anti-Scam Alliance, Group-IB is committed to preventing scams and is continuously contributing to ScamAdviser.com reports in order to raise awareness and make the world a cyber safer place. In a new report titled The Global State of Scams - 2022, Group-IB's Head of Digital Risk Protection in Europe Dmitriy Tiunkin shares insights into scams and trends that are expected to emerge in the future.
Check out the full report👈
If you would like to learn more about Group-IB's approach to protecting against scams, check out our website👈
🔥11👍1
#conference #fraud
Many organizations that are victims of fraud tend to consider it a cost of doing business. If the amount of fraud losses does not damage their bottomline or is covered by insurance, then they tend not to invest in fraud mitigation. What happens when they don’t investigate the instances of fraud and how does fraud contribute to other illegal activities?
Join Group-IB and FBI at MRC Singapore - Asia-Pacific Payments and Fraud Conference on November 1! In a joint presentation titled "Are you financing organized crime or terrorists while not fighting fraud?", Group-IB’s Fraud Protection Product Marketing Manager, Julien Laurent, Melissa McBee-Anderson, Management and Program Analyst, FBI, and Brett Chabot, Assistant Legal Attaché, FBI (U.S Embassy Singapore) will talk about fraud protection and the importance of investigating and sharing fraud attacks with the authorities.
More details about the event👈
Many organizations that are victims of fraud tend to consider it a cost of doing business. If the amount of fraud losses does not damage their bottomline or is covered by insurance, then they tend not to invest in fraud mitigation. What happens when they don’t investigate the instances of fraud and how does fraud contribute to other illegal activities?
Join Group-IB and FBI at MRC Singapore - Asia-Pacific Payments and Fraud Conference on November 1! In a joint presentation titled "Are you financing organized crime or terrorists while not fighting fraud?", Group-IB’s Fraud Protection Product Marketing Manager, Julien Laurent, Melissa McBee-Anderson, Management and Program Analyst, FBI, and Brett Chabot, Assistant Legal Attaché, FBI (U.S Embassy Singapore) will talk about fraud protection and the importance of investigating and sharing fraud attacks with the authorities.
More details about the event👈
🔥11👍2
#bugbounty
The winner of PDD Connecting Smartness Bug Bounty 2.0 Contest co-organized by Group-IB is announced. Our congratulations to Lim Keat Hui Justin, a third-year SIT student majoring in information security.
The contestants’ goal was to test a prototype of a living lab network that the JTC plans to build in a new SIT Campus in the Punggol Digital District that is under construction and due for completion in 2024. Industry partners will leverage SIT as a ‘living lab,’ using the institution’s open innovation ecosystem to pilot and test their prototypes in a real-life environment.
Although the contestants found no critical vulnerabilities and did not take control of the network, Lim Keat Hui Justin was able to bypass the authorization of a network router and expose some of its technical information. A panel of judges, which included CSA, JT Consultancy & Management, and Group-IB decided to award Justin a Certificate of Achievement and $500 worth of Vouchers.
The winner of PDD Connecting Smartness Bug Bounty 2.0 Contest co-organized by Group-IB is announced. Our congratulations to Lim Keat Hui Justin, a third-year SIT student majoring in information security.
The contestants’ goal was to test a prototype of a living lab network that the JTC plans to build in a new SIT Campus in the Punggol Digital District that is under construction and due for completion in 2024. Industry partners will leverage SIT as a ‘living lab,’ using the institution’s open innovation ecosystem to pilot and test their prototypes in a real-life environment.
Although the contestants found no critical vulnerabilities and did not take control of the network, Lim Keat Hui Justin was able to bypass the authorization of a network router and expose some of its technical information. A panel of judges, which included CSA, JT Consultancy & Management, and Group-IB decided to award Justin a Certificate of Achievement and $500 worth of Vouchers.
🔥9👍2
#hackathon
Hack them all!
Great news from our European HQ: Group-IB won the Police Hackathon 2022 organised by the Dutch police (Politie Eenheid Den Haag). As part of the team "Team Spirit", our guys from Incident Response, High-Tech Crime Investigation and Threat Intelligence departments solved the real cybercrime cases provided by the police. "Team Spirit" were runaway winners💪 Great job!
Group-IB's experts not only win hackathons, but share their knowledge with the community. Want to learn more about the most recent cybersecurity trends, technologies, and predictions? Check out Group-IB's reports 👈
Hack them all!
Great news from our European HQ: Group-IB won the Police Hackathon 2022 organised by the Dutch police (Politie Eenheid Den Haag). As part of the team "Team Spirit", our guys from Incident Response, High-Tech Crime Investigation and Threat Intelligence departments solved the real cybercrime cases provided by the police. "Team Spirit" were runaway winners💪 Great job!
Group-IB's experts not only win hackathons, but share their knowledge with the community. Want to learn more about the most recent cybersecurity trends, technologies, and predictions? Check out Group-IB's reports 👈
❤11👍5
#ransomware #DeadBolt
Everything you need to know about DeadBolt ransomware in one blog post.
The Group-IB Incident Response Team investigated an incident related to a DeadBolt attack and analyzed a DeadBolt ransomware sample. Their investigation was the first full-fledged analysis of DeadBolt and included reverse-engineering the code in full to reveal the ransomware sample’s functionalities and capabilities.
Deadbolt ransomware is famous for a notorious attack on NAS manufacturer QNAP through the exploitation of a 0-day vulnerability in its software. The threat actors demanded 0.05 BTC from individual users of NAS for decrypting their data. For a ransom of 10 BTC, Deadbolt operators promised QNAP that they would share all the technical details relating to the zero-day vulnerability that they manipulated and for 50 BTC they offered to include the master key to decrypt the files belonging to QNAP’s clients who had fallen victim to the campaign.
Check out our latest blog post to learn more👈
Everything you need to know about DeadBolt ransomware in one blog post.
The Group-IB Incident Response Team investigated an incident related to a DeadBolt attack and analyzed a DeadBolt ransomware sample. Their investigation was the first full-fledged analysis of DeadBolt and included reverse-engineering the code in full to reveal the ransomware sample’s functionalities and capabilities.
Deadbolt ransomware is famous for a notorious attack on NAS manufacturer QNAP through the exploitation of a 0-day vulnerability in its software. The threat actors demanded 0.05 BTC from individual users of NAS for decrypting their data. For a ransom of 10 BTC, Deadbolt operators promised QNAP that they would share all the technical details relating to the zero-day vulnerability that they manipulated and for 50 BTC they offered to include the master key to decrypt the files belonging to QNAP’s clients who had fallen victim to the campaign.
Check out our latest blog post to learn more👈
👍4🔥3
#report #ransomware #OldGremlin
👿Don't ever feed gremlins after midnight.
Group-IB released a first threat report detailing the operations of a Russian-speaking ransomware group OldGremlin: "OldGremlin Ransomware: Never ever feed them after the Locknight". In just two years and a half, the "Gremlins" carried out 16 malicious campaigns.
📍OldGremlin remains one of the very few ransomware gangs targeting Russian companies. However, their growing ambitions can push them to explore new geographies in the future.
📍For the second year in a row, OldGremlin demanded the highest ransom from Russian organizations: in 2021 their largest ransom demand amounted to $4.2 million, while in 2022 it soared to $16.9 million.
📍The group’s victim list includes banks, logistics and manufacturing companies, insurance firms, retailers, real estate developers, and software companies. In 2020, the group even targeted a Russian arms manufacturer.
Group-IB wants to help security professionals better track OldGremlin and eliminate the risks of incidents involving the gang. Download our report to get detailed information about the current tactics, techniques, and procedures (TTPs) used by the attackers, which are described using MITRE ATT&CK®.
👿Don't ever feed gremlins after midnight.
Group-IB released a first threat report detailing the operations of a Russian-speaking ransomware group OldGremlin: "OldGremlin Ransomware: Never ever feed them after the Locknight". In just two years and a half, the "Gremlins" carried out 16 malicious campaigns.
📍OldGremlin remains one of the very few ransomware gangs targeting Russian companies. However, their growing ambitions can push them to explore new geographies in the future.
📍For the second year in a row, OldGremlin demanded the highest ransom from Russian organizations: in 2021 their largest ransom demand amounted to $4.2 million, while in 2022 it soared to $16.9 million.
📍The group’s victim list includes banks, logistics and manufacturing companies, insurance firms, retailers, real estate developers, and software companies. In 2020, the group even targeted a Russian arms manufacturer.
Group-IB wants to help security professionals better track OldGremlin and eliminate the risks of incidents involving the gang. Download our report to get detailed information about the current tactics, techniques, and procedures (TTPs) used by the attackers, which are described using MITRE ATT&CK®.
🔥9👍2
#MajikPOS #blog
Point-of-sale (POS) malware is a type of malicious software designed to infect POS terminals for the purpose of stealing payment data stored on magnetic stripes on the back of bank cards. On April 19, 2022, the Group-IB Threat Intelligence identified a Command and Control (C2) server of the POS malware called MajikPOS.
Our experts analyzed the server and established that it also hosts a C2 administrative panel of another POS malware called Treasure Hunter, which is also used to collect compromised credit card data. After analyzing the malicious infrastructure, Group-IB researchers retrieved information about the infected devices and the credit cards compromised as a result of this campaign. Since at least February 2021, the operators have stolen more than 167,000 payment records (as of September 8, 2022), mainly from the US. According to Group-IB’s estimates, the operators could make as much as $3,340,000 if they simply decide to sell the compromised card dumps on underground forums.
Read our latest blog post to learn more about the analysis of the MajikPOS and Treasure Hunter samples 👈
Point-of-sale (POS) malware is a type of malicious software designed to infect POS terminals for the purpose of stealing payment data stored on magnetic stripes on the back of bank cards. On April 19, 2022, the Group-IB Threat Intelligence identified a Command and Control (C2) server of the POS malware called MajikPOS.
Our experts analyzed the server and established that it also hosts a C2 administrative panel of another POS malware called Treasure Hunter, which is also used to collect compromised credit card data. After analyzing the malicious infrastructure, Group-IB researchers retrieved information about the infected devices and the credit cards compromised as a result of this campaign. Since at least February 2021, the operators have stolen more than 167,000 payment records (as of September 8, 2022), mainly from the US. According to Group-IB’s estimates, the operators could make as much as $3,340,000 if they simply decide to sell the compromised card dumps on underground forums.
Read our latest blog post to learn more about the analysis of the MajikPOS and Treasure Hunter samples 👈
👍1
#cybersecuritytips #breaches
The consequences of data breaches might be devastating for companies. This #CybersecurityAwarenessMonth we want to share with you some recommendations on how to prevent data leakages. Check them out!
The consequences of data breaches might be devastating for companies. This #CybersecurityAwarenessMonth we want to share with you some recommendations on how to prevent data leakages. Check them out!
🔥8