
Telegram channel group_ib - Group-IB


Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.


Group-IB

Here's a great time to announce the prizes for the Hunting season: Group-IB 20th anniversary CTF challenge! We've got some thrilling news:

🌟 Top 20 Winners: Each of you will receive an exclusively designed Memorable Coin as a testament to your skills and dedication.

But that's not all! We're raising the stakes with additional rewards:

🥇 1st to 5th Places: Prepare to stand out with our 20th-anniversary exclusive hoodie – a perfect blend of style and pride for your remarkable achievement.

🥈 6th to 10th Places: Along with the memorable coin, you'll be rocking a t-shirt to celebrate your success.

These prizes are not just rewards: they are symbols of your expertise in the challenging world of cybersecurity.

Ready to play? Click here to join.

#capturetheflag #cybersecurity #prizes #challenge #CTF #ThreatHunting


Group-IB

🏆 Thrilled to receive the Anti-fraud Project of the Year at the highly competitive 6th Regulation Asia Awards for Excellence 2023 in Singapore! The awards recognize exceptional projects that have significantly contributed to the fight against fraud and the protection of financial institutions.

Group-IB was acknowledged for its Cyber Fraud Intelligence Center Project, built upon our Fraud Protection Platform. This solution analyzes varied data sets, providing insights into fraud threats, streamlining detection, and disrupting money laundering schemes.

Judges on the awards panel credited the project as "a model for other jurisdictions and institutions globally".

Thanks to Regulation Asia for this recognition, and kudos to our Fraud Protection team for this achievement! 🎉

Click here to learn more.

#Cybersecurity #FraudProtection #Innovation #Antifraud #Awards


Group-IB

👤 There's a shady character prowling the digital underworld... Our cybersecurity sleuths managed to coax some revealing details about a threat actor known as farnetwork, which was disclosed in our blog this week. If you missed it, check out our post on Medium that summarizes the story in less than five minutes.

#cybersecurity #ransomware


Group-IB

As part of their cyber intelligence gathering, Group-IB researchers attempted to infiltrate a private Ransomware-as-a-Service (RaaS) program based on the Nokoyawa ransomware. This endeavor led to a 'job interview' with a threat actor, revealing not only the mechanics of the RaaS but also the threat actor's involvement in not one, but five interconnected RaaS programs. Discover revenue distribution models in various RaaS and previously undisclosed details about the threat actor's eventful career dating back to 2019.

Meet farnetwork, also known as farnetworkl, jingo, jsworm, razvrat, piparkuka, farnetworkit, in our latest blog post.

#cybersecurity #blog #RaaS #threatintelligence #ransomware


Group-IB

🎓 Have you ever dreamed of delving into the realm of threat actor activities, gaining real-life incident management experience, and assisting companies while you're still a student? We are excited to offer this opportunity by launching a joint Threat Intelligence and Defence Centre (TIDC) with Ngee Ann Polytechnic (NP)!

Housed at @ngeeannpoly, the first-ever TIDC in Singapore powered by Group-IB’s industry-leading cybersecurity solutions will prepare the students of the School of InfoComm Technology (ICT) to fight and proactively manage cyber threats.

NP is the only institute of higher learning in Singapore to receive Group-IB’s royalty-free academic license valued at $360,000.

Over the next 3 years, more than 200 students in NP’s Cybersecurity & Digital Forensics (CSF) course will be trained in intelligence collection and analysis, incident response, threat hunting, vulnerability assessment, and security monitoring.

Under the partnership, the TIDC will also help start-up partners at AGILE and Pollinate – NP’s on-campus and off-campus incubators – enhance their cyber resilience. The TIDC will be managed by final-year CSF students, who will take on the role of the start-ups’ security analysts.

Click here to learn more!

#Cybersecurity #ngeeannpoly #FutureDefenders #ThreatIntelligence


Group-IB

We’re all set to invite threat hunters to the battlefield!

Get ready for the "Hunting season: Group-IB 20th-anniversary CTF," where cybersecurity professionals will be challenged on 16 complex tasks that evaluate their ability to tackle modern cyber threats.

Developed by security experts, these CTF challenges will cover the entire response chain, from threat hunting to incident investigation.

Some serious skills will be put to the test and we’re excited to see candidates navigate these tasks and emerge victorious.🏆

You can access the registration link here; feel free to share it widely.

Let the hunt begin!💯


Group-IB

🙌 It's #CybersecurityAwarenessMonth, a perfect opportunity to brush up on ways to stay safe online. Take a look at our recommendations on how to minimize your cyber risks. Share it with your friends and colleagues, and #StayCybersafe!

#recommendations #CyberHygiene


Group-IB

It looks like a job for the Responsemen!

When cybersecurity incidents occur, companies often assume they know the exact cause. However, the obvious answer is not always the correct one.

While 66% of businesses believe they may come under an insider attack, insider threats impact over 34% of companies in fact. In a recent incident response case handled by Group-IB, the affected company thought they were a victim of an insider attack. Our Responsemen had to investigate further to uncover the real cause of the incident. What is it?

Read the full story in our blog to follow a more detailed incident response process and mitigation recommendations.

#cybersecurity #FightAgainstCyberCrime #IncidentResponse


Group-IB

Group-IB is proud to announce the signing of a memorandum of understanding with the UAE Cyber Security Council.

The agreement, signed by H.E. Mohammed Hamad Al Kuwaiti, the Head of the UAE Cyber Security Council, and Ashraf Koheil, Group-IB Regional Sales Director MEA, at #GITEXGlobal2023, sets out a pathway for both parties to cooperate closely on the development of technologies and knowledge sharing.

Learn more here.

#events #memorandum #UAE


Group-IB

🕵️‍♂️ Curious about the world of Incident Response?

Our new blog dives into untold stories of thwarting cyber threats, quick thinking, and high-tech solutions. Discover the secrets of threat intelligence! Check it out here.

#cybersecurity #ThreatIntelligence #blog #CyberThreats


Group-IB

📱QR codes are everywhere nowadays, offering convenience at your fingertips, from restaurant menus to parking payments. But sometimes we underestimate the hidden dangers. Take a look at five key risks that scanning random QR codes can pose.

Share this with your friends and, as always, #StayCybersafe! For a deeper dive and recommendations on how to protect yourself, check out our Medium post.

#cybersecurity #phishing #QRcodes #malware #fraud


Group-IB

New trojan alert!

Group-IB has discovered GoldDigger, a new Android Trojan targeting 50+ Vietnamese banking apps, e-wallets, and crypto wallets. Its goal? Swiping your funds.

What to know:

📌 Active since at least June 2023.
📌 Codenamed by Group-IB after “GoldActivity,” a specific Android activity found within the APK file.
📌 Pretends to be a Vietnamese tax portal and an energy company, with over 10 fake websites.
📌 The number of infected devices and the amount stolen remain unknown.

❗GoldDigger's advanced protection hinders malware analysis and detection, making it tough to trigger malicious activity in sandboxes or emulators. The most effective way to combat this is with client-side fraud protection solutions.

Get the full story here. For technical details, check out our blog.

#Cybersecurity #GoldDigger #Trojan #Android


Group-IB

🔒 Unlocking the secrets of Apple's Lockdown Mode

In the summer of 2022, Apple introduced a game-changing feature — Lockdown Mode📱. Designed to fend off the most sophisticated digital threats, it's like a fortress for your device. But it comes with some nuances…

🔗 Find out more in our latest Medium blog post!

Subscribe to our Medium blog for more insightful stories on cybersecurity. 🛡

#LockdownMode #AppleSecurity #ProsAndCons


Group-IB

Mining money must be funny. But not for cryptojacking victims.

Group-IB analysts discovered a hidden cryptojacking campaign on a popular website that receives over five million monthly visits. The threat actors had set up a script that installed malware on each visitor's computer, enabling them to download a cryptocurrency miner. While this software may seem relatively harmless, it can also be used to download and activate more destructive and dangerous programs.

Our latest blog post provides a detailed account of how we discovered and researched this cybercriminal campaign using Group-IB Managed XDR — an innovative solution designed for 24/7 threat monitoring, threat hunting, and countering attacks in real time.

Follow the link to get the details.

#Cybersecurity #FightAgainstCybercrime #cryptojacking #Infosecurity #crypto


Group-IB

What a day to hunt for...cyber threats!

Group-IB presents a second edition of Hunting Rituals, a blog series that explores hunting techniques using one of the most effective solutions on the market — Group-IB MXDR. In this latest installment, we're taking a closer look at methods to spot the abuse of Windows Services.

Our new post focuses on hunting for process command line artifacts of service creation and hunting for registry artifacts of service creation, as they both go hand in hand. This time, we tested two hypotheses. One is obvious and allows us to avoid filtering massive data sets. The other creates more noise but enables us to unmistakably identify service creation events regardless of the tool or method used to create the service.

Follow our guide to see which approach brings more value and recreate the hunting process.

#ThreatHunting #MITREattackframework #WindowsService #huntorbehunted


Group-IB

📊Online trading is a high-stake activity, which demands nothing short of the most resilient cybersecurity measures to protect transactions.

Libertex Group, an international online trading platform with a daily user base of 3 million, encountered the challenge of proactively identifying and addressing vulnerabilities in its infrastructure. The challenge arose due to the limited scope of their security audits. Maintaining compliance with regulatory requirements was a pressing concern as well.

Group-IB stepped up to the fore and assisted Libertex Group’s security team in tackling the issues through a range of intrusive/non-intrusive risk assessments, audit services, and high-impact recommendations.

Curious to know how? Read the full case study here.

#OnlineTrading #FinancialTrading #Cybersecurity


Group-IB

Our experience at GovWare this year was truly incredible!

We were thrilled to connect with an incredible group of policymakers, tech innovators, and end-users from across Asia and beyond. Our team had the privilege of showcasing, through live demonstrations, how our Unified Risk Platform can enrich both an organization's security posture and the cybersecurity ecosystem as a whole.

We want to express our sincere gratitude to everyone who stopped by to say hi and show their support for our participation.

If you missed the chance to connect with us at the event, or if you'd like to learn more about the solutions we presented, please don't hesitate to reach out to us at this link.

We look forward to continuing the conversation!

#UnifiedRiskPlatform #cybersecurity #events #GovWare2023


Group-IB

📚 Let's talk cybersecurity training!

Group-IB and CORVIT have partnered to deliver high-quality cybersecurity training in the UAE and nearby areas. CORVIT will showcase Group-IB's top-notch cybersecurity training modules, conducted by certified experts, which aim to upskill professionals as part of their continued development.

Our first joint webinar, which delves into current cyber threats in the Middle East, is set to be delivered by Anatoly Tykushin, Group-IB’s Director of Services, META, on November 22, 2023.

For more details check our press release.

To find out more about the core Group-IB training modules now available via CORVIT, click here.

#cybersecurity #education #partnership #webinars #cyberthreats


Group-IB

Dive into the latest Talking Points episode, featuring our Fraud Protection Solution Engineer, Tan Hwei Qiang, as he discusses how a cybersecurity company combats banking sector fraud.

📌Watch here (our team appears from 11:20)

#CNATalkingPoint #Singapore #MoneyLaundering #BankFraud


Group-IB

🎉 Celebrating 20 years of fighting cybercrime! 🎉

In 2003, we started off as a Digital Forensics and Incident Response (DFIR) and cyber investigations company aspiring to become a formidable force against digital crime.

We’ve transformed this aspiration into reality. Unique insights into attackers enabled us to create a product and service ecosystem reliant on battle-tested human expertise and two decades of investigative and incident response experience. Throughout these years, one thing has remained unchanged: our core mission of fighting against cybercrime.

We’ve established a global network of Digital Crime Resistance Centers (DCRC) that spreads across the Middle East & Africa, APAC, and Europe. Built upon the foundation of 1,400+ successful investigations in 60 countries and 70,000+ hours dedicated to countering threats, DCRCs help us strengthen our contribution to global cybercrime prevention, defend businesses, communities, and support operations against cybercrime.

We take pride in the tangible real-life impact of our work, driving us forward to innovate and continue our mission with excellence. As we mark our 20th anniversary, we celebrate the defining values. We stand resolute in our commitment to battling against digital crime.

None of this would have been possible without our amazing team and the trust of our clients and partners. A heartfelt thanks to you all for being part of our journey. Here's to many more years of innovation and success ahead! 🚀

#GroupIB20Years #Cybersecurity #Anniversary


Group-IB

🙌 Honored to receive recognition from the Singapore Police Force (SPF) for the second year in a row!

Scams are on the rise in Singapore. In 2021, they accounted for over 50% of reported crimes, and the numbers continued to rise in 2022, resulting in losses totalling SGD 660.7 million, according to SPF.

Our partnership has been instrumental in addressing this growing threat. We've actively shared knowledge, provided training, and engaged in investigative cooperation.

We're committed to building a trusted and secure cyber environment in Singapore, and our collaboration with SPF is a testament to our dedication to this cause. Together, we can make the digital world a safer place! 💪

Check our press release for more details.

#Cybersecurity #SingaporePoliceForce #Partnership #CybercrimeFight


Group-IB

Group-IB's Threat Intelligence team continues to monitor the cyberthreat landscape amidst the Middle East conflict. Check out what Week 2 (October 16-22) reveals:

🔹 Group-IB researchers identified 649 DDoS and website defacement attacks, confirming with moderate confidence.
🔹 A 3.3% decrease in the number of DDoS and defacement attacks compared to Oct. 9 – Oct. 15.
🔹 DDoS attacks decreased by 8.3%, while defacement attacks saw a slight 0.25% increase.
🔹 On Tuesday, October 17, hacktivist attacks peaked with 155 registered.

Find more details in our blog.

#CTI_ISRPAL #Cybersecurity #MiddleEastConflict #ThreatIntelligence


Group-IB

Group-IB is delighted to announce the signing of a memorandum of understanding with CPX, a leading provider of digital-first cybersecurity solutions and services, at GITEX Global 2023. This partnership will bolster cybersecurity benchmarks by strengthening the services offering available for organizations in the UAE. Together, we will make the cyber world a safer place! 🙌

#partnership #events #memorandum #GITEXGlobal2023 #UAE


Group-IB

🔍 Exploring cyber activity in the Middle East conflict

In times of turmoil, hacktivism surges. The ongoing Middle East conflict is no exception.

Group-IB's Threat Intelligence team has been vigilantly tracking the activities of cyber threat actors in this tense climate. Here's what Week 1 unveiled:

▪️ Hacktivists take center stage and coordinate their attacks through Telegram.

▪️ Over 740 DDoS & Website Defacement attacks identified between Oct 7-15, adding to the digital turmoil.

▪️ Key Targets: government sites, IT companies, financial institutions, telecoms, media, and retail are in the crosshairs.

Dig deeper into the story on our blog.

#CyberSecurity #CTI_ISRPAL #overview #ThreatIntelligence


Group-IB

🙌 We're excited to be part of GITEX Global 2023, the Middle East's premier tech expo from Oct 16-20. Partnered with Tech First Gulf, a leading value-added distributor in the MEA region, you can find us at Hall 2, H2-B10.

Discover our cutting-edge cybersecurity solutions, including #ManagedXDR, #ThreatIntelligence, and more.

For details, check out our press release.

Don't miss it! See you at #GITEXGlobal2023.

#Cybersecurity #Events #Dubai #TechFirstGulf


Group-IB

🏆 We're thrilled to announce that Group-IB has won the prestigious 2023 Benelux Outstanding Security Performance Award (OSPA) for Outstanding Police/Law Enforcement Initiative!

Our dedicated High-Tech Crime Investigations team in Europe has been recognized for their relentless efforts in combating cybercrime, particularly in cracking down on compromised credit card data on the dark web.

The award was presented to Dmitry Tunkin, Group-IB’s Chief Regional Officer, Europe, during a ceremony held in the Dutch city of Breda last week.

We also celebrate Martijn van den Berk, our Cyber Threat Intelligence Analyst, who has been nominated as a finalist for the Outstanding Young Security Professional honor.

Congratulations to Dmitry and Martijn for their outstanding contributions to this achievement! 👏

Learn more here.

#Cybersecurity #OSPA #LawEnforcement #CybercrimeFighters


Group-IB

Security Lab is a European #NetworkSecurity provider and a go-to cyber defense advisor that applies a comprehensive approach to cybersecurity. The company boasts its own #SOC, which offers customers top-notch security services and incident response assistance.
To complement the expertise of its analysts, the Security Lab adopted the Group-IB Managed XDR solution for managed detection and response services. Learn more about the partnership and its business outcomes in our booklet.

#ManagedXDR #Cybersecurity #Infosecurity #FightAgainstCybercrime


Group-IB

❕New global ransomware threat uncovered

ShadowSyndicate has been uncovered as a powerful Ransomware-as-a-Service (RaaS) affiliate through a joint investigation by Group-IB, Bridewell and independent researcher Michael Koczwara. This research was conducted as part of Group-IB's new Cybercrime Fighters Club program, an innovative initiative that fosters collaborative knowledge exchange and joint cybersecurity research.

Key findings:

🔸 Active since July 2022, ShadowSyndicate has left its mark across 13 countries with SSH fingerprints on 85 servers.

🔸 ShadowSyndicate is strongly believed to have leveraged three ransomware families — Quantum, Nokoyawa, ALPHV, and researchers have identified potential links to four more.

🔸 Strong suspicions of employing IcedID and Matanbuchus malware for system infiltrations.

🔸 ShadowSyndicate frequently utilized off-the-shelf tools like Cobalt Strike and Sliver in their attacks.

👉 Learn more here

#ShadowSyndicate #Ransomware #CybercrimeFightersClub #NewReport


Group-IB

📖 Knowledge is power!

Group-IB is delighted to announce the opening of an innovative education hub at our Dubai-based Digital Crime Resistance Center. At the Group-IB Training Center, our world-renowned experts will deliver a high-quality, analyst-led cybersecurity training and simulation experience that will upskill cybersecurity and IT professionals in the Middle East and Africa (MEA) region.

To find out more about our training programs in the UAE, check out our new post!

#Education #Knowledge #FightAgainstCybercrime #Cybersecurity


Group-IB

Strong network security hinges on staying informed about high-risk threats, potential adversaries, their attack tactics, and more.

This proved to be a critical gap for a leading global tier-1 bank that Group-IB helped address.

Want to know how? Read the compelling case study where our Threat Intelligence (TI) helped the bank transform its defenses.

Impressed by the effectiveness of TI, they wanted to take their cybersecurity to the next level with us. So, we introduced Digital Risk Protection (DRP) and Attack Surface Management (ASM).

Group-IB CERT, too, brought their exceptional monitoring and takedown capabilities into the mix.

Check out the case study and read all about it! 🌐🛡️🚀
