Group-IB
Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.
Businesses tend to rely on various cloud-based services such as CRM systems, email services, corporate messengers, or wiki platforms. While these services offer operational efficiency, they can also introduce potential vectors through which threat actors can exploit vulnerabilities in a company's infrastructure. To prevent this from happening, organizations need to defend their network from unwarranted intrusion by attackers.

So how can companies protect their data while using SaaS solutions? In our new blog post, we shed light on the common mistakes users and management make when configuring their public cloud environments. Read now👈

#cloud #cybersecurity
⚡️ New report alert! Group-IB has today published Digital Risk Trends 2023, a comprehensive analysis of the world’s two most common cyber threats: scams and phishing. The so-called scamdemic is spreading rapidly. Take a look at the numbers:

▪️Group-IB detected a 304% increase in the number of scam resources that utilized the name and likeness of legitimate brands in 2022 compared to the preceding year.

▪️ The number of scam pages created to impersonate a single brand across all verticals and regions rose, on average, by 162% year-on-year.

▪️ The number of phishing websites increased by 62% in 2022 compared to the previous year.

▪️ Globally, scammers’ interest in the financial sector skyrocketed dramatically, as the average number of scam resources created per financial brand increased year-on-year by 186% in 2022.

Download the Digital Risk Trends 2023 report to learn about the threat landscape, get full statistics on phishing and scams across different regions and industries, and learn how to mitigate the risks for your brand.

#report #DigitalRiskTrends2023
Group-IB has been named a Representative Vendor in the Gartner 2023 Market Guide for Security Threat Intelligence Products and Services.

Group-IB’s Threat Intelligence is at the core of all of the company’s products and services consolidated under the Unified Risk Platform – an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real-time from a single interface. To have the most comprehensive understanding of cyber risks, Group-IB collects the industry’s broadest range of intelligence, with 60 types of sources across 15 categories. In 2022 alone, Group-IB Threat Intelligence detected over 260,000,000 compromised accounts, 65M+ stolen payment cards on sale in the dark web, more than 1,700 leaked databases, and analyzed over 54,000,000 messages from underground forums.

Group-IB has now been recognized in the Gartner Market Guide for Security Threat Intelligence Products and Services for the seventh time. Way to go! ⚫️

#Gartner #cybersecurity
Group-IB has today learned of the sentence issued to its co-founder Ilya Sachkov following the conclusion of his rushed, closed-door trial in Moscow.

Ilya pleaded not guilty. Since day one, we have had full confidence in Ilya’s innocence. The entire Group-IB team is dismayed and disheartened by this brutal and unfair punishment. Cutting Ilya off from the outside world only serves to undermine the strength and stability of the global cybersecurity ecosystem.

Group-IB may have exited the Russian market in April 2023, but Ilya will always be an integral and inseparable part of the Group-IB family. His core mission of fighting against cybercrime – which has been at the heart of Group-IB’s operations since the company’s creation in 2003 – will continue to guide us as we move forward.

Read Group-IB’s full statement: https://bit.ly/3KfziQR

#FightAgainstCybercrime
⚡️Demystifying Mysterious Team Bangladesh: Hacktivists with attitude

Global geopolitical conflicts frequently serve as catalysts for hacktivist activities, and a relatively new player in the game is Mysterious Team Bangladesh, a highly active threat group that frequently changes targets to launch rapid-fire DDoS attacks and website defacements.

But what do we know about Mysterious Team Bangladesh?

📌 They have carried out more than 750 DDoS attacks and 78 website defacements since June 2022.

📌 They have most frequently targeted India and Israel, although they have recently set their sights on Sweden.

📌 Core targets include organizations in the logistics, governmental, and financial sectors.

📌 They rely on open-source utilities for conducting DDoS and defacement attacks.

Curious to learn more about Mysterious Team Bangladesh? Check out our new blog post!

#Hacktivists #MysteriousTeamBangladesh #FightAgainstCybercrime
The global fight against cybercrime needs a collaborative effort. This is why we created the Cybercrime Fighters Club, a forward-thinking project that creates a pathway for Group-IB to partner with industry peers to enhance knowledge sharing and jointly research emerging cyber threats.

We invite cybersecurity experts from any background or specialization to investigate adversaries together with the Group-IB team. Head over to our website to learn the details.

Join the #CybercrimeFightersClub!

#FightAgainstCybercrime #cybersecurity
🔎 Bringing down 16shop: Group-IB assists INTERPOL-led international operation

Group-IB has assisted in an INTERPOL-led operation aimed at disrupting the activities of 16shop, a notorious phishing-as-a-service platform on which phishing kits were sold. The successful operation led to the shutdown of 16shop and the arrest of the site’s operator and two facilitators.

Group-IB’s Cyber Investigations team in the APAC region supported the operation by analyzing the infrastructure used by the suspect and collecting their digital traces to ultimately establish their identity. Group-IB’s experts also helped to identify some victims in Indonesia.

Data collected by Group-IB indicates that more than 150,000 phishing domains were created using the phishing kits in question. The phishing kits sold on 16shop were utilized to target users in Germany, Japan, France, the USA, the UK, Thailand and other countries.

Want to find out more? Head over to the Group-IB website.

#Cybersecurity #INTERPOL #FightAgainstCybercrime
Do you like success stories? So here you go! Cyber attackers are increasingly targeting the #cryptocurrency and #blockchain industry, causing a surge in security incidents. Even the most reputable blockchain services are vulnerable to hacking attacks, leading to the loss of users' funds.

To safeguard its customers' assets, fintech company Oris Lab conducted a penetration test on its flagship software products to uncover any hidden vulnerabilities. Discover the results of the cybersecurity audit and how it improved the company's security posture.

#FightAgainstCybercrime #cybersecurity #crypto
What started as a casual investigation of a malware sample at the request of our financial client in the Asia-Pacific region later unfolded into a complete uncovering of the Gigabud trojan.

Between 2022 and 2023, our team of cybersecurity researchers identified and analyzed 400+ Gigabud.RAT samples and 20+ Gigabud.Loan samples. 🚀💻

But that's not all – a deeper analysis into Gigabud’s fraudulent techniques, using the Group-IB Fraud Matrix, revealed the trojan’s operations, its previously unknown variants, and the potential risks to organizations.

Curious to know more? Read about the full investigation in our new blog post!

#RAT #fraud_protection
Infosecurity professionals need to master threat hunting. Why?

Proactive threat hunting enables the detection of attacks that go unnoticed by traditional security solutions.

To help you learn the ropes of this process, we've launched a new blog series, Hunting Rituals, which explores hunting techniques using one of the most effective solutions on the market — Group-IB MXDR. In the first article, we detailed the basic techniques for detecting DLL sideloading, a cunning method used to evade traditional security measures.

To begin the hunting process, we’ve framed a plausible hypothesis. By applying it to the EDR telemetry, we found several suspicious events. After carefully investigating them using the EDR module of Group-IB MXDR, we discovered the GUID of a process and, thereafter, other data that could help with further remediation or even with identification of a payload injected into legitimate processes.

To learn the details of threat hunting for DLL sideloading, follow our step-by-step guide.

#ThreatHunting #MITREattackframework #T1574002 #DLLhijacking #DLLsideloading
🌍Africa Cyber Surge II operation: Group-IB assists in crime-fighting initiative that leads to arrest of 14 suspected cybercriminals

Group-IB has played a key role in the INTERPOL-led Africa Cyber Surge II operation, a multinational collaborative initiative tasked with preventing, mitigating, and disrupting threat actors on the African continent.

Here’s the rundown of this successful crime-fighting program:

📌 Africa Cyber Surge II began in April 2023, bringing together INTERPOL, AFRIPOL, Group-IB, and other private sector companies to pool actionable intelligence on cyber extortion, phishing, business email compromise, and online scams.

📌 The Africa Cyber Surge II operation spanned 25 African countries, leading to the arrests of 14 suspected cybercriminals and the identification of more than 20,000 suspicious cyber networks linked to financial losses in excess of $40m.

📌 Group-IB, a long-standing private sector partner of INTERPOL, collected and shared more than 1,000 indicators related to malicious infrastructure across Africa.

📌 INTERPOL member states in Africa leveraged Group-IB’s intelligence in several takedown operations.

Want to learn more? Head over to the Group-IB website.

#INTERPOL #FightAgainstCybercrime
🔴 Group-IB discovers CVE in WinRAR that allows cybercriminals to target traders

In July, while researching the spread of DarkMe malware, the Group-IB Threat Intelligence unit came across an unknown vulnerability in the processing of the ZIP file format by WinRAR.

By exploiting CVE-2023-38831, threat actors were able to craft ZIP archives that serve as carriers for various malware families. The vulnerability allows them to spoof file extensions and hide the launch of a malicious script within an archive masquerading as a '.jpg', '.txt', or any other file format. Weaponized ZIP archives were distributed on at least 8 of the most popular trading forums. After infection, the cybercriminals attempt to withdraw money from broker accounts.

This CVE has been exploited since April 2023. At the time of writing, the devices of 130 traders are still infected.

Make sure you are using the latest version of WinRAR and check out our latest blog post to understand how CVE-2023-38831 works.

#CVE #WinRAR #FightAgainstCybercrime
As organizations continually build digital assets, the risk of overlooked security gaps in web applications grows. The result? Increased threat to the clients, enterprise, and its confidential information.

OWASP Top 10 (2021) is a great resource for identifying and mitigating new web vulnerabilities. But here's the catch – vulnerabilities can still slip through.

What do Group-IB’s audit and consulting experts recommend? A combination of periodic manual testing and a proactive vulnerability detection solution such as Group-IB Attack Surface Management (ASM).

Learn more in our latest e-booklet which is packed with insights to help organizations detect and defend against the most critical web app vulnerabilities in 2023 and beyond.
🏆Group-IB’s Managed XDR wins prestigious Red Dot design award

That winning feeling! Group-IB is delighted to announce that its Managed XDR solution has won a prestigious Red Dot Design Award in the category of Interface & User Experience Design. This honor recognizes the user-friendly and innovative design of this highly advanced product that empowers companies to see and respond to all the threats targeting their infrastructure.

Managed XDR is one of Group-IB’s flagship products, created to give companies full control over their cybersecurity by identifying threats in real time and facilitating immediate response by centralizing, correlating, and analyzing all endpoints.

To find out more about the award-winning design of Managed XDR, check out the Group-IB website!

#MXDR #Cybersecurity #RedDot #FightAgainstCybercrime
⚡️New hierarchy, heightened threat: Classiscam’s sustained global campaign

Uncovered by Group-IB, Classiscam is a scam-as-a-service operation active since 2019. This highly effective scheme designed to steal money, payment data, and bank login credentials from unsuspecting users has truly gone global. Now, Classiscam has spread to 79 countries, and financial losses are estimated to exceed USD $64.5 million.

📌 Group-IB analyzed information pertaining to 393 Classiscam groups that combined had more than 38,000 members.

📌 251 unique brands have been impersonated on Classiscam phishing pages.

📌 Core targets for impersonation include logistics companies, classified sites and bank transfer services.

📌 The average amount lost by Classiscam victims worldwide was $353.

📌 Classiscam will likely remain one of the major global scams throughout 2023 due to its full automation and low technical barrier of entry.

Want to learn more about Classiscam? Check out our new blog!

#Classiscam #FightAgainstCybercrime #Scam