Group-IB Trio Excels
We are thrilled to announce that Anastasia Tikhonova, Head of Advanced Persistent Threats (APT) Research in Thailand, Jennifer Soh, Senior Cyber Investigation Specialist and Vesta Matveeva, APAC Head of Cyber Crime Investigation in Singapore have been named among the 30 finalists of the Top Women in Security ASEAN Region 2023 Awards!
In addition to their inclusion in the prestigious Top 30 list, Anastasia, a first-time finalist, was also honored with a Security Researcher Award. Vesta accomplished a remarkable achievement by winning in four categories: Security Professional Ambassador, CyberSecurity Award, Top Woman in Security in the ASEAN Region, and the esteemed country award for Singapore.
The initiative aims to recognize the achievements of women who have made significant strides in enhancing the security industry across the ASEAN Region.
#FightAgainstCybercime #Cybersecurity #topwomeninsecurityASEAN
What's even more terrifying than experiencing a cyber attack? Being unprepared with no action plan to fight it.
We can't stress enough how important having an incident response strategy is, but our CEO, Dmitry Volkov can and did! Dmitry recently shared his valuable insights on how organizations can take their incident response to the next level to unlock opportunities for growth and resilience.
We discuss cyber threats, readiness-building, and examples of how Group-IB's team of incident response experts assists businesses in navigating the challenges of cyber incidents.
Read all that Dmitry Volkov had to say here.
Looking for quick reads about cybersecurity? Then look no further: our revamped Medium account packs our research, discoveries, and more into easy-to-read pieces for you to enjoy!
Check out our latest post about a threat actor called W3LL to see what can be behind a phishing email and glimpse into a clandestine marketplace for a closed community of hackers. We've recently published a very detailed report about that, but if you just have 4 minutes, our Medium is the perfect source to put you in the loop!
Strong network security hinges on staying informed about high-risk threats, potential adversaries, their attack tactics, and more.
This proved to be a critical gap for a leading global tier-1 bank that Group-IB helped address.
Want to know how? Read the compelling case study where our Threat Intelligence (TI) helped the bank transform its defenses.
Impressed by the effectiveness of TI, they wanted to take their cybersecurity to the next level with us. So, we introduced Digital Risk Protection (DRP).
Group-IB CERT, too, brought their exceptional monitoring and takedown capabilities into the mix.
Check out the case study and read all about it!
What a day to hunt for...cyber threats!
Group-IB presents a second edition of Hunting Rituals, a blog series that explores hunting techniques using one of the most effective solutions on the market – Group-IB MXDR. In this latest installment, we're taking a closer look at methods to spot the abuse of Windows Services.
Our new post focuses on hunting for process command line artifacts of service creation and hunting for registry artifacts of service creation, as they both go hand in hand. This time, we tested two hypotheses. One is obvious and allows us to avoid filtering massive data sets. The other creates more noise but enables us to unmistakably identify service creation events regardless of the tool or method used to create the service.
Follow our guide to see which approach brings more value and recreate the hunting process.
#ThreatHunting #MITREattackframework #WindowsService #huntorbehunted
Knowledge is power!
Group-IB is delighted to announce the opening of an innovative education hub at our Dubai-based Digital Crime Resistance Center. At the Group-IB Training Center, our world-renowned experts will deliver a high-quality, analyst-led cybersecurity training and simulation experience that will upskill cybersecurity and IT professionals in the Middle East and Africa (MEA) region.
To find out more about our training programs in the UAE, check out our new post!
#Education #Knowledge #FightAgainstCybercrime #Cybersecurity
Mining money must be funny. But not for cryptojacking victims.
Group-IB analysts discovered a hidden cryptojacking campaign on a popular website that receives over five million monthly visits. The threat actors had set up a script that installed malware on each visitor's computer, enabling them to download a cryptocurrency miner. While this software may seem relatively harmless, it can also be used to download and activate more destructive and dangerous programs.
Our latest blog post provides a detailed account of how we discovered and researched this cybercriminal campaign using Group-IB Managed XDR – an innovative solution designed for 24/7 threat monitoring, threat hunting, and countering attacks in real time.
Follow the link to get the details.
#Cybersecurity #FightAgainstCybercrime #cryptojacking #Infosecurity #crypto
New global ransomware threat uncovered
ShadowSyndicate has been uncovered as a powerful Ransomware-as-a-Service (RaaS) affiliate through a joint investigation by Group-IB, Bridewell, and independent researcher Michael Koczwara. This research was conducted as part of Group-IB's new Cybercrime Fighters Club program, an innovative initiative that fosters collaborative knowledge exchange and joint cybersecurity research.
Key findings:
- Active since July 2022, ShadowSyndicate has left its mark across 13 countries with SSH fingerprints on 85 servers.
- ShadowSyndicate is strongly believed to have leveraged three ransomware families – Quantum, Nokoyawa, ALPHV, and researchers have identified potential links to four more.
- Strong suspicions of employing IcedID and Matanbuchus malware for system infiltrations.
- ShadowSyndicate frequently utilized off-the-shelf tools like Cobalt Strike and Sliver in their attacks.
Learn more here
#ShadowSyndicate #Ransomware #CybercrimeFightersClub #NewReport
Unlocking the secrets of Apple's Lockdown Mode
In the summer of 2022, Apple introduced a game-changing feature – Lockdown Mode. Designed to fend off the most sophisticated digital threats, it's like a fortress for your device. But it comes with some nuances…
Find out more in our latest Medium blog post!
Subscribe to our Medium blog for more insightful stories on cybersecurity.
#LockdownMode #AppleSecurity #ProsAndCons
Medium
The pros and cons of Apple's Lockdown Mode
A feature designed to guard against critical threats like Pegasus
Security Lab is a European #MSSP provider and a go-to cyber defense advisor that applies a comprehensive approach to cybersecurity. The company boasts its own #SOC, which offers customers top-notch security services and incident response assistance.
To complement the expertise of its analysts, the Security Lab adopted the Group-IB Managed XDR solution for managed detection and response services. Learn more about the partnership and its business outcomes in our booklet.
#MXDR #Cybersecurity #Infosecurity #FightAgainstCybercrime
Group-IB
Group-IB x Security Lab: success story | Group-IB
Learn how innovative solutions and joint expertise helped a MSSP provider enhance customer protection.
New trojan alert!
Group-IB has discovered GoldDigger, a new Android Trojan targeting 50+ Vietnamese banking apps, e-wallets, and crypto wallets. Its goal? Swiping your funds.
What to know:
- Active since at least June 2023.
- Codenamed by Group-IB after "GoldActivity," a specific Android activity found within the APK file.
- Pretends to be a Vietnamese tax portal and an energy company, with over 10 fake websites.
- The number of infected devices and the amount stolen remain unknown.
GoldDigger's advanced protection hinders malware analysis and detection, making it tough to trigger malicious activity in sandboxes or emulators. The most effective way to combat this is with client-side fraud protection solutions.
Get the full story here. For technical details, check out our blog.
#Cybersecurity #GoldDigger #Trojan #Android
We're thrilled to announce that Group-IB has won the prestigious 2023 Benelux Outstanding Security Performance Award (OSPA) for Outstanding Police/Law Enforcement Initiative!
Our dedicated High-Tech Crime Investigations team in Europe has been recognized for their relentless efforts in combating cybercrime, particularly in cracking down on compromised credit card data on the dark web.
The award was presented to Dmitry Tunkin, Group-IB's Chief Regional Officer, Europe, during a ceremony held in the Dutch city of Breda last week.
We also celebrate Martijn van den Berk, our Cyber Threat Intelligence Analyst, who has been nominated as a finalist for the Outstanding Young Security Professional honor.
Congratulations to Dmitry and Martijn for their outstanding contributions to this achievement!
Learn more here.
#Cybersecurity #OSPA #LawEnforcement #CybercrimeFighters
QR codes are everywhere nowadays, offering convenience at your fingertips, from restaurant menus to parking payments. But sometimes we underestimate the hidden dangers. Take a look at five key risks that scanning random QR codes can pose.
Share this with your friends and, as always, #StayCybersafe! For a deeper dive and recommendations on how to protect yourself, check out our Medium post.
#cybersecurity #phishing #QRcodes #malware #fraud
We're excited to be part of GITEX Global 2023, the Middle East's premier tech expo from Oct 16-20. Partnered with Tech First Gulf, a leading value-added distributor in the MEA region, you can find us at Hall 2, H2-B10.
Discover our cutting-edge cybersecurity solutions, including #ManagedXDR, #ThreatIntelligence, and more.
For details, check out our press release.
Don't miss it! See you at #GITEXGlobal2023.
#Cybersecurity #Events #Dubai #TechFirstGulf