Group-IB
Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.
#cybersecurity #INTERPOL

Group-IB took part in INTERPOL's 9th Africa Working Group Meeting on cybercrime in Kigali, Rwanda.

Kristina Ivanova, Deputy Head of APAC High Tech Crime Investigation Department, provided an overview of threats within the African Region and discussed how Group-IB tracks down cybercrime in collaboration with INTERPOL and other law enforcement agencies.

We were honoured to receive an award from INTERPOL: Group-IB does its best to make the world a cyber safer place.
#MXDR #XDR #FightAgainstCybercrime

Imagine that you are the head of the information security team and you want to build a multi-layered defense system against cyberattacks at all levels. You are starting to set up your arsenal, including antivirus software, antispam system, NGFW, IDS/IPS, sandbox… when suddenly you are faced with three belated observations:

📌 Solutions from different vendors conflict with each other, but they must somehow be made to work together cohesively.

📌 You install a SIEM system, which collects reports on the solutions across the entire corporate infrastructure in one place, but it does not help detect modern attacks, no matter what correlation rules are written for this purpose.

📌 You decide to install an EDR solution, which collects telemetry data from hosts and provides greater correlation and threat hunting capabilities. Yet, many cyber threats continue to fly under the radar.

What can you do? Deploy Group-IB Managed XDR!
#MXDR #XDR #FightAgainstCybercrime

The "elite niche" in the cybersecurity market is now occupied by XDR (Extended Detection and Response) systems. This is a new category of solutions designed for the advanced detection, response and prevention of threats. Managed XDR helps analyze adversary activity, learn how to hunt for threats, and combat cybercrime — a mission worthy of a superhero.

Managed XDR will help you to:

▪️ Collect, correlate, and analyze data across various sources, giving security experts a powerful tool that continuously monitors all events that occur within the network and on each device, as well as external events that can pose a threat;

▪️ Make incident response much faster, which minimizes damages and quickly stops adversaries;

▪️ Detect the widest possible range of threats, from phishing to sophisticated targeted attacks, in a fully automated manner;

▪️ Provide 360-degree visibility and manageability across all security solutions in order to get the most out of each of them;

▪️ Conduct in-depth investigations into incidents from patient zero (the first infected device on the network) to any further attack propagation, which helps control all potential infection vectors in the infrastructure.
#MXDR #XDR #FightAgainstCybercrime

Want to learn more?

We have prepared this blog post to share with you — on behalf of Group-IB developers — what lies "under the hood" of the Group-IB Managed XDR system, what technology it uses, and what approach our cutting-edge solution applies. Let's go!

Want to see Managed XDR in action?

Simply request a demo by completing this form👈

What if I still don’t understand, but want to?

If you struggle to understand cybersecurity terms and Group-IB’s solutions but you really want to, we are always happy to help. Check out our educational courses: click on the link!
#phishing #CERT

📦 Group-IB has identified a widescale phishing campaign targeting users in the Middle East by impersonating well-known postal services.

Since as early as 2020, the Group-IB Computer Emergency Response Team (CERT-GIB) analysts have detected over 270 domains making use of the regional delivery and postal service brands. All the domains were part of a single massive phishing infrastructure. Scammers have impersonated over 13 different delivery brands, postal operators, and public companies from at least eight different countries, including Bahrain, Egypt, Israel, Jordan, Kuwait, Qatar, Saudi Arabia, and the United Arab Emirates.

In line with its mission of fighting cybercrime, upon discovery, CERT-GIB has sent notifications to relevant regional Computer Emergency Response Teams so they could take actions when new resources appear.
#phishing #CERT

Using its patented Network Graph Analysis tool, Group-IB researchers were able to unveil the links between infrastructures used for attacks in the Middle East. These domains are short-lived by design to complicate detection, and new websites are regularly created to replace them. According to Group-IB, the latest resource impersonating a Middle Eastern postal brand appeared on July 14, 2022.

How the scheme works:

▪️Customers awaiting an order may receive an email or an SMS from the national postal service requesting payment for a delivery or customs clearance fee.

▪️Following the link from the message, customers are redirected to a phishing page that requests their bank card details in order to process the payment.

▪️As soon as the customer submits the form, the sum of the "fee" is deducted from their bank account and transferred to cybercriminals, along with their bank card details.

Click here to learn more about the scheme and get recommendations on how to avoid being scammed 👈
#CERT #scam #fakes

The Group-IB Computer Emergency Response Team (CERT-GIB) has been investigating several fake investment schemes which are targeting European citizens. In the course of the research, a gigantic network infrastructure was uncovered and analyzed, which contained over 10,000 rogue resources, including similar fraudulent ones aimed at the inhabitants of the entire Eurasian continent and North America.

The main goal of these schemes is to convince the victims to repeatedly transfer funds to the fake investment portal. The victims are usually promised huge returns on their investments and are shown "how I got rich" stories featuring celebrities.

In our latest blog post, we take a deeper dive into the fake investment schemes, showcase a couple of them, including a conversation with the scammers that we managed to record, and provide recommendations for users. Check it out👈
#FightAgainstCybercrime

The aim of this research is to raise awareness about the fake investment scheme and ultimately reduce the number of victims. We encourage cybersecurity researchers and the general public to join the fight against cybercrime and share fraudulent domains with us via "Report an Incident" form at https://www.group-ib.com for further evaluation and takedown.

If you are at the beginning of your journey in cybersecurity and want to become a specialist, check out our educational programs. All our courses and workshops are practice-oriented and include real cases and lab sessions. More details👈
#Classiscam

Group-IB has uncovered that Classiscam — a sophisticated scam-as-a-service operation — expanded to Singapore in March 2022. Classiscam fraudsters target users of one of the leading classified platforms in Singapore. Scammers posing as legitimate buyers approach sellers with a request to purchase goods from their listings, with the ultimate aim of stealing payment data.

Using its extensive scam intelligence on the Classiscam operation and its patented Graph Network Analysis tool, the Group-IB Digital Risk Protection team revealed that the scammers designed a phishing tool that generates fake websites that mimic the official platform of a local classified website used for selling and buying goods. These fake links are generated using web panels or Telegram bots.

In line with its mission of fighting against cybercrime, Group-IB immediately shared its findings about Classiscam with the members of the Singapore Police Force’s Alliance of Public-Private Cybercrime Stakeholders (APPACT) and the local classified website in question.

Learn more about the scheme 👈
#Classiscam

Using its patented Graph Network Analysis tool, Group-IB experts were able to reveal the group of interconnected websites operated by this group of Classiscammers. The whole group’s network included more than 200 domains, 18 of which were created to deceive the users of a Singaporean classified website, including 2 active as of July 19th, 2022.

Other websites in the network impersonate Singaporean moving companies, European, Asian, and Middle Eastern classified websites, banks, marketplaces, food and crypto brands, and delivery companies, which proves Classiscam’s global operations.

❗️Users should always check the domain of the URL to verify that it is the official website before sharing any personal and payment details. Another recommendation: when communicating with the other party about the sale of goods or services, use the online chat offered by the official websites. Finally, as with conventional scams, do not trust too-good-to-be-true offers.

More details👈
Forwarded from The Hacker News
A sophisticated scam-as-a-service scheme known as "Classiscam" is now targeting Singapore.

Read details: https://t.co/OIhdnnMgTh
#cybersecurity #tips

It is important to follow the cyber safety rules and stay vigilant. However, it is also important to know what to do if you are a victim of cybercrime. Here's a set of recommendations on what steps to take if you've been scammed.
#MaliBot #trojan

👑 Flubot is dead, and the new evil is detected and crowned, the first of his name – MaliBot. MaliBot malware, usually disguised as a cryptocurrency mining application, targets Android devices and uses overlay attacks to outfox MFA/2FA, capture messages and SMS, and steal banking and crypto credentials.

MaliBot operators harness a variety of distribution campaigns: they promote cryptocurrency applications in the form of APKs that victims are supposed to download and install manually; they clone real projects like TheCryptoApp (1M+ downloads on Google Play Store); operators also use smishing (SMS phishing) and other methods to multiply their chances to succeed.

There are at least two major countermeasures to leverage against such fraud attacks. Check out our new blog post to learn more👈

And also take a look at this live demonstration of how Group-IB Fraud Protection stops MaliBot or other similar threats.
#award #cybersecurity

🎉We are proud to announce that Jennifer Soh, Senior Cyber Investigation Specialist, and Kristina Ivanova, Deputy Head of Group-IB’s Cyber Investigations team in Singapore, have been featured in the list of Top 30 Women in Security ASEAN Region!

Both Kristina and Jennifer are passionate about Group-IB’s mission of fighting against cybercrime, which they do on a daily basis. In their roles, they are tasked with identifying and tracking down the most advanced cybercriminal syndicates and helping national police forces in the Asia-Pacific, as well as international law enforcement organizations, bring threat actors to justice. For instance, Kristina and Jennifer assisted in the most recent INTERPOL-led operations codenamed Falcon I, Falcon II, and Delilah.

More details 👈