
Telegram channel group_ib - Group-IB


Your daily source of cybersecurity news brought to you by one of the global industry leaders.


Group-IB

With fraud and cyber threats at an all time high, operating in silos is no longer a proper combative strategy for security leaders and teams.

A cybersecurity and fraud prevention fusion is essential to identify, dissect, and counter cyber threats before they escalate into fraud.

Learn more about the future-leaning cyber-fraud fusion and the necessary adjustments needed in your strategy in our blog.

Discover how Group-IB is leading the change and remains one of only two vendors offering this capability through its proprietary Fraud Matrix.

#CyberSecurity #CyberThreats #SecurityLeaders #FraudPrevention #FraudMatrix #CyberFraud


Group-IB

As a trusted partner for businesses in managing cybersecurity, MSSPs and MDR providers must continually enhance their service portfolios to address the evolving threat landscape.

Specifically, with Cyber Threat Intelligence (CTI), where:

🔍Expectations - Continuous stream of critical, real-time, and actionable threat insights to counter emerging threats.

⁉️Reality - Focus on basic indicators and lack the resources or structured programs to interpret and act on advanced and tailored threat intelligence.

How can you bridge the gap as an MSSP provider? Enable these three CTI capabilities for your business clients to enhance threat detection and response.

Read all about it and more

#MSSP #MDR #CyberSecurity #ThreatIntelligence #InfoSec #BusinessSecurity #DataProtection


Group-IB

🚨 New Blog Alert🚨

In our latest blog post, we dive deep into the nefarious activities of the threat actor known as Boolka. From opportunistic SQL injection attacks to the creation of sophisticated malware like the BMANAGER modular trojan, discover how Boolka has been infecting websites and stealing data with malicious scripts. Read on to learn about Boolka's tactics, techniques, and the tools used to combat this cyber threat.

Read More

#CyberSecurity #Malware #ThreatIntelligence #Boolka #CyberAttack #DataSecurity #InfoSec


Group-IB

Our latest Hi-Tech Crime Trends 23/24 Report sparked immense interest across the cybersecurity industry, prompting thousands of downloads and numerous web mentions.

To ensure no one misses these critical cybersecurity insights, we're here with a slightly digestible version—the Hi-Tech Crime Trends 23/24 infographic!

45 hard-hitting facts and figures that will challenge businesses' preparedness against the rising tide of cyber threats and help them build unbeatable defenses.

Ready to do your part? Share it far and wide to help your network confront cyber risks head-on.

https://www.group-ib.com/landing/hi-tech-crime-trends-2023-2024-infographics/?utm_source=telegram&utm_campaign=Hi-Tech%20Crime%20Trends%20Report%202023-24&utm_medium=social


Group-IB

As a cybersecurity professional, the challenges we face are as dynamic as the threats we combat. From securing the hybrid workforce to navigating ever-evolving cyber ecosystems, the pressure is on. Ransomware lurks around every corner, threatening our business operations daily. But here's the thing: we're not alone in this battle.

Dmitry Volkov, CEO of Group-IB, underscores the importance of collaboration and workload distribution in supporting our cybersecurity experts. Automation tools are our allies, enhancing efficiency and empowering us to stay one step ahead of adversaries. But it's not just about the tools—it's about celebrating our victories, no matter how small, and recognizing the impact of our research.

In times of crisis, dependable support is non-negotiable. We need partners who stand by us before, during, and after challenging situations. Together, we foster a culture of resilience and success.

Read it now


Group-IB

#ThrowbackThursday Dmitry “Paunch” Fedotov was once the most infamous cybercriminal mastermind behind BlackHole and CoolKit exploit tools, responsible for $2.3 million in damages and 40% of worldwide infections in 2012.

Group-IB played a key role in assisting the police crack the case with end-to-end investigations. On October 4, 2013, our collective efforts led to his arrest.

Our very own CEO, Dmitry Volkov, came face-to-face with Paunch for over 10 hours during the trial, fighting for the cybercriminal's rightful arrest. Intrigued by how it all went down?

Get the inside scoop here. A hat-tip to the Redditors over at r/pics for this throwback!

#CyberCrime #InfoSec #GroupIB #CyberLaw #Hacker #FightAgainstCrime #CyberSecurity #BlackHole


Group-IB

Group-IB has signed an MoU with the University of Prince Mugrin (UPM) to enhance cybersecurity education and empower the next generation of cybersecurity professionals in Saudi Arabia, endorsed by Mohammad Flaifel, Group-IB's Business Development Manager, His Excellency Dr. Bandar bin Mohammed Hajjar, and Ahmed Shuwail, Dean of the College of Computer and Cyber Science.

This partnership, aligning with Saudi Vision 2030, provides UPM students access to Group-IB's advanced solutions and internships, equipping them to tackle real-world cybersecurity challenges. Read more or contact pr@group-ib.com.


Group-IB

The hype around AI, particularly GenAI, is warranted. There's no denying it - we're all curious. So much so that we’ve made AI our future, without fully understanding the downsides it can present.

Know the complete picture of GenAI—its pros and cons, whether it favors adversaries, and whether and how GenAI can help businesses truly enable next-gen cybersecurity.

Find out all the details here.


Group-IB

What does GDPR mean for consumers? Does it strengthen or weaken fraud protection? Both.

Our senior anti-fraud expert, Julien Laurent, shares his interesting alternative perspective.

Look at the current stance on GDPR, which is an effective way to reinstate consumer protection but has some blind spots that can favor adversaries. Julien provides a strong case in point by analyzing his own Data Processing Agreement (DPA) with a global bank.

Read the blog and tell us your thoughts!


Group-IB

Exciting news!

We've partnered with National Security Services Group in Oman to strengthen cybersecurity across government, finance, oil and gas, and telecom sectors.

NSSG will now offer our cutting-edge solutions like Threat Intelligence and Fraud Protection, alongside services such as Digital Forensics and Incident Response.

Together, we're not only protecting clients but also raising awareness about cyber threats.

Stay tuned for more updates!


Group-IB

Last month, we detailed how we assisted INTERPOL and Brazilian authorities to disrupt the Grandoreiro banking trojan operation. This collaboration led to the arrest of five administrators across the Brazilian states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso.

Our APAC Head of Hi-Tech Investigations Department Vesta Matveeva just represented us in a collaborative meeting at INTERPOL headquarters alongside Brazilian law enforcement and other private sector partners. This meeting focused on strategizing the next steps in the ongoing Grandoreiro operation.

This successful case exemplifies the power of public-private cooperation in combating cyber threats, and Group-IB's unwavering commitment to supporting INTERPOL and law enforcement in safeguarding businesses and protecting citizens around the world from digital harm.

#BankingMalware #Cybercrime #Cybersecurity #FightAgainstCybercrime #Grandoreiro #INTERPOL #Investigation #OpGrandoreiro


Group-IB

🔍Investigations are often considered one of the most mysterious and adventurous areas of cybersecurity.

Many operations are kept in secret, which makes the stories shared by our Investigations Team even more valuable and intriguing.

Dive into one of them on Medium to learn how our investigators identified scam operators with just bits and pieces of evidence.

#Cybersecurity #investigations #scams


Group-IB

We are thrilled to welcome Mauricio Guijarro as our new Head of Sales for Latin America!

We are confident that Mr. Guijarro, who has 20 years of experience in developing cybersecurity products in the LATAM market, will successfully drive Group-IB’s expansion in the region.

Mauricio will lead the sales team in our new office in Chile, set to open in August 2024. This move aligns with our strategic goal of establishing Digital Crime Resistance Centers in every region so that we can better support our clients in fighting cybercrime.

Check out our press release for more details.

#LATAM #Cybersecurity #NewAppointment #Chile #DCRC #NewOffice


Group-IB

Another edition, another pervasive cyber technique hunted by Group-IB’s Head of Malware Analysis and Threat Hunting Team, Roman Rezvukhin.

In Hunting Rituals #4, we dive deep into Windows Management Instrumentation (WMI) abuse. Cybercriminals frequently exploit WMI to execute commands slyly, move across compromised systems laterally, and establish persistence.

Read all insights on WMI abuse, methodologies for detection, and hunting strategies.

Don't forget to give it a thumbs up and share it within your network!

#ThreatHunting #WMIabuse #Windows #Cybersecurity #FightAgainstCybercrime


Group-IB

🤝 Partnership Announcement with HELP University!

We are thrilled to unveil a landmark collaboration with one of Malaysia's most distinguished private institutions of higher learning, HELP University. Our shared mission? To redefine cybersecurity education across Malaysia and groom the next generation of skilled talent and professionals for this critical field!

A Memorandum of Understanding (MOU) was signed between HELP University’s Vice Chancellor Prof. Dr. Andy Liew and Group-IB’s CEO Dmitry Volkov at our Global HQ in Singapore. This strategic alliance will see us co-create a curriculum rich in hands-on practical experience.

Read the full announcement here: https://www.group-ib.com/media-center/press-releases/group-ib-help-university-collaboration/?utm_source=telegram&utm_campaign=help_univercity&utm_medium=social

#cybersecurity #education #partnership #HELPUniversity #Malaysia


Group-IB

Discover how Eldorado Ransomware, with its advanced encryption techniques and global impact, marks the evolving landscape of cybercrime🕵️‍♂️.

Our latest blog post delves into the rise of Ransomware-as-a-Service (RaaS) on dark web forums, focusing on ElDorado—a new player recruiting affiliates and providing powerful tools for devastating attacks.

Explore the dramatic increase in ransomware incidents, the secretive forums like RAMP where cybercriminals convene, and the technical workings of ElDorado. Learn crucial strategies to safeguard your organization. Unravel the hidden empire of ElDorado Ransomware in our full analysis.

Read now

#Cybercrime #Ransomware #GroupIB #Cybersecurity #RansomwareAsAService #DarkWeb #InfoSec


Group-IB

App interfaces are built for convenient experiences 📱✨.

But as much as your customers prefer them, adversaries do too, using fake apps to perpetrate fraud, access sensitive information, and take control of devices.

Group-IB’s High-Tech Crime Investigations team analyzed a similar scam scheme involving illegitimate brand apps that were actually Remote Access Trojans (RATs) built using Craxs Rat🕵️‍♂️.

Developed by EVLF, Craxs Rat continues to be sold as malware-as-a-service and is evolving.

Dive into the complete details and latest developments on Craxs Rat, uncovered by Group-IB to defend yourself from becoming the next victim.

#FakeAppScam #Malware #RAT #DarkWeb #CyberInvestigations #FightAgainstCybercrime


Group-IB

We are proud to have played a pivotal role in "Operation DISTANTHILL" alongside the Singapore Police Force, Hong Kong Police Force, and Royal Malaysia Police. Together, we successfully nabbed cyber fraud syndicates behind a notorious Android Remote Access Trojan (RAT) campaign that wreaked havoc in Singapore and Hong Kong in 2023.

After months of intensive data collection and analysis, Group-IB uncovered the vast network used by these cybercriminals, leading to their arrest. More than 4,000 victims were defrauded across Southeast Asia. Among them, the Singapore police recorded 1,899 related cases in 2023 with a total loss of more than US$25 million.

Learn more about how our collaboration with international law enforcement brought down this cybercrime syndicate.

#CyberSecurity #CyberCrime #RATCampaign #DataSecurity #CyberFraud #FightAgainstCrime #Android


Group-IB

📢 Breaking News 📢

Group-IB proudly becomes the first Security Operations Center-Capability & Maturity Model (SOC-CMM) Silver Support Partner in the Asia-Pacific region! 🌏

As a Silver Support Partner, Group-IB will leverage its extensive expertise and Digital Crime Resistance Centers (DCRCs) located in the Middle East, Europe, Central Asia, and the Asia-Pacific to deliver SOC-CMM advisory services globally. This partnership aims to enhance global cybersecurity by providing comprehensive assessments, consulting services, and targeted training to Security Operations Centers (SOCs) worldwide.

Read more about our strategic collaboration and its impact on the cybersecurity landscape.


#Cybersecurity #GroupIB #SOCCMM #CyberDefense #DigitalCrime #CyberSecurityExcellence


Group-IB

🚨 Apple devices are being used more and more in both business and personal settings, which makes them prime targets for cybercriminals. Threat actors have started adapting effective Android threats to Apple devices. As a symptom of this trend, Group-IB recently uncovered GoldPickaxe, the first face-stealing iOS Trojan that has evolved from the infamous Android malware GoldDigger.

Against this background, it is crucial to investigate Apple threats and raise awareness among users. While some iOS vulnerabilities (e.g., Checkm8) cannot be fixed with software updates and pose risks to users, cybersecurity experts can leverage them to analyze and counteract the malware.

🎓 Sergey Nikitin, Group-IB’s Chief Regional Officer and digital forensics expert, shares advice to help businesses and users detect and investigate malicious apps and other iOS threats.

🔗 Read and apply his insights today

#GoldPickaxe #Malware #iOS #Cybersecurity #Apps #iPhone #FightAgainstCybercrime #CyberThreats


Group-IB

Rock-solid incident readiness is key to ransomware resilience. But it’s not easy to decide what needs to be done immediately, what can be postponed, and what should be done day after day.

Group-IB’s Incident Response team has crafted a white paper that will guide you through the essential steps of incident readiness. You can use it to pinpoint potential security gaps in your practices, prioritize critical activities, and put them into action right away.

Read the white paper here

Share the guide within your network and make sure that this helpful resource reaches cybersecurity pros everywhere.

#ransomware #framework #cybersecurity #FightAgainstCybercrime


Group-IB

Even small organizations can become an appealing target for ransomware operators. This happens when sensitive data is at stake, such as health information or personal details.

A special needs school that experienced a ransomware campaign stored both types of data, which endangered the school’s pupils, reputation, and finances.

To make matters worse, the school could not afford the necessary stack of defense solutions or a full-time team of cybersecurity professionals with expertise in addressing sophisticated attacks.

When ransomware strikes, the decision time makes a difference. Group-IB’s Incident Response team stepped in just in time and helped the school to stop the ongoing ransomware campaign and shore up its defenses.

Interested in finding out the details? Read the full case study here.


Group-IB

When combating adversaries, businesses often lack insight into who, when, and what they're up against. Therefore, the need for real-time and tailored threat intelligence is crucial.

Sorint.SEC recognized this capability gap in their cybersecurity offering and reached out to Group-IB.

Discover how the global cybersecurity service provider leveraged Group-IB’s proprietary Threat Intelligence (TI) to enable proactive threat detection with unmatched speed and quality for them and their clients.

Read more in the case study.


Group-IB

The online gambling industry being prone to fraud isn’t exactly new information, but the tactics have changed and are a lot more intense.

Instead of simple tactics like creating fake accounts, malicious actors now use sophisticated techniques such as synthetic players, advanced bot attacks, deepfake customer support, and other GenAI-powered manipulations.

Learn more about these elaborate schemes from our experts in our latest blog. Read more here.


Group-IB

Today we joined forces in a global crackdown on LabHost, a major Canadian Phishing-as-a-Service provider.

As part of this operation, we also delved deep into LabHost’s history and infrastructure, dissecting their admin platform and the services they offer to criminals.


Group-IB

Join Group-IB at GISEC Global from 23rd to 25th April at the Dubai World Trade Center and experience the power of Cyber Fusion firsthand!

As we converge threat intelligence, digital forensics, and proactive defense strategies, we're shaping the future of cybersecurity.

Don't miss out on discovering groundbreaking solutions at #GISEC2024.

Book a meeting with our team now!

See you there!

#GroupIB #Cybersecurity #CyberFusion #GISECGlobal


Group-IB

🚨 ALERT: CERT-GIB uncovers Ramadan scam targeting mobile users globally!

Scammers registered 375 dormant domains from Aug '22 to Apr '24, promising 60GB of free mobile data at 5G speeds.

Beware! Protect your personal info from online predators. Stay safe this Ramadan.

#Cybersecurity #ScamAlert 🛡️🕵️‍♂️


Group-IB

The final chapter of our series on the history of scams is out now. In it, we discuss how scammers adapted their tactics to target users worldwide, overcoming challenges along the way. Give it a read and follow us on Medium for more cybersecurity-related stories:

The history of scams, part 3: The global spread

#scams #cybersecurity #investigations #evolution


Group-IB

Group-IB Awarded with 5-Star Rating in 2024 CRN® Partner Program Guide

Group-IB's MSSP & MDR Partner Program is officially recognized as an excellent one by the 2024 CRN® Partner Program Guide. The best success is the one repeated - we were also granted this award back in 2021. The 5-Star rating is awarded to the companies that have built their partner programs to go above and beyond in their commitment to nurturing strong, profitable, and successful channel partnerships.

Program Guide acknowledged Group-IB’s co-selling opportunities and diverse portfolio of cybersecurity solutions that can be easily integrated into existing or new managed services based on a “pay-as-you-grow” model. Group-IB’s efforts have paid off: we have customized our solution stack to help our partners be more successful while protecting their customers against notorious cyberattacks.

Standing ovation to the channel team!

Click here to learn more about this award or our partner program ->


Group-IB

🛡️Once again, Group-IB stepped to the fore in supporting INTERPOL with another crime-nabbing operation.

Curious about the details behind the Grandoreiro malware operation? Read our latest press release.

Group-IB Threat Intelligence and Cyber Investigation specialists excelled in assisting with malware investigations and analysis, which helped narrow down suspects linked to the organized crime group.

🎓"Disrupting the Grandoreiro malware operation reaffirms the ever-strong public-private dynamic in investigating and fighting cybercrime to protect local businesses and citizens.” - Group-IB's CEO, Dmitry Volkov.

Read his complete statement and discover more about the operation now!

#BankingMalware #Cybercrime #Investigation #INTERPOL #FightAgainstCybercrime
