What happens when you combine ransomware with information stealers, remote access Trojans, and other malware in one easy-to-download package?
Dubai-based researchers from Group-IB's Digital Forensics and Incident Response (DFIR) team found that malicious actors, instead of simply infecting a computer with ransomware, have taken to packaging a whole host of malicious files into what we call malware bundles.
Malware bundles have been around for a while, but their recent usage by cybercriminals reveals some interesting trends. First, it highlights how threat actors, with their ever-growing appetite for cash, create new approaches for monetization. Second, their usage can reveal insights into the interactions between low-skilled threat actors and their more sophisticated counterparts. An entry-level cybercriminal can leverage a malware bundle to gain access to a single computer, but they are also able to sell this access to a more-skilled threat actor who is able to move laterally from a single device to an entire corporate network.
Check out our latest blog post to get the insights from our investigations into affected companies in Egypt, South Africa, Saudi Arabia, Turkey, Morocco, UAE, Kenya, Israel, Pakistan, India, and Germany. We discuss channels of delivery, malware attribution, tactics, techniques and procedures (TTPs), and bundled parts and roles, all in reference to the MITRE ATT&CK® (Adversarial Tactics, Techniques & Common Knowledge) framework, in order to detail how the cybercriminals gained initial access and secured persistence. Read now
#ransomware
Group-IB is pleased to announce that it has signed a partnership agreement with Pacific Tech, a value-added distributor of cybersecurity solutions. This marks the first distributorship for Group-IB in Singapore, with Pacific Tech to be responsible for providing Group-IB's entire suite of products and services for preventing and investigating cybercrime within the Southeast Asian region, specifically in Singapore, Malaysia, Indonesia, Brunei, Cambodia, Thailand, and Myanmar.
To help local companies manage the growing risk of cyber-attacks more efficiently, Group-IB is partnering with Pacific Tech, which is built on the back of an experienced and proven product management and distribution workforce. The Pacific Tech team will distribute Group-IB's Unified Risk Platform, an ecosystem of solutions that understands each organization's threat profile and tailors defenses against them in real-time from a single interface.
More details
#partnership
Want to learn how to monitor for IS incidents, detect threats, eliminate false positives, and perform initial incident response? Register for the "Blue Team Analyst" training course by Group-IB!
In three days, you'll know how to:
▪ Monitor all solutions to ensure that the organization is secure;
▪ Quickly assess security incidents and determine the main features of a cyberattack;
▪ Support threat intelligence and threat hunting processes.
It's time to enhance your skills! Register now
#education
Today we have big news! Group-IB has announced its plans to open a Digital Crime Resistance Center in Thailand. Moreover, at a press conference held in Bangkok, the company signed a strategic partnership agreement with nForce (SECURE), Thailand's top cybersecurity-focused value-added distributor.
"We are excited to partner with nForce, which has a great reputation in the Thai market and will help us expand our footprint in the region. Group-IB's Digital Crime Resistance Center and this partnership are significant steps forward in extending our global mission of fighting cybercrime to Thai shores. We believe that together with nForce we will build an incident response team of passionate professionals committed to creating safer cyberspace", Dmitry Volkov, CEO of Group-IB, said.
Check out our website for more details
#partnership
GISEC Global 2023 was 🔥
Group-IB was excited to be part of the Middle East's largest and most impactful cybersecurity event, which brought together the leading cybersecurity brands and experts!
With cyber threats evolving, it's vital to share knowledge, develop best practices, boost cyber resilience and contribute to the global fight against cybercrime. The Group-IB team was happy to share our fresh insights and show how our products can help you stay ahead of cybercriminals.
#GISECGlobal #FightAgainstCybercrime
We are happy to announce that Group-IB has been awarded a Cybersecurity Service Provider License. The license issued by the Cybersecurity Services Regulation Office of Singapore (CSRO) enables Group-IB to provide Penetration Testing and Managed Security Operations Centre (SOC) Monitoring Services.
To obtain a license, Group-IB went through a rigorous 6-month evaluation process that involved demonstrating its high level of experience and technological capabilities in providing pentesting and managed Security Operations Centre monitoring services. The licensing process also evaluated the compliance of the company's services with Singapore's Cybersecurity Act, which limits the provision of such services to licensed entities.
Check out our website for more details
#FightAgainstCybercrime
The job hunt can be an extremely trying experience at the best of times, and a fake job scam campaign doesn't make it easier.
Fake job vacancies are one type of scam that is growing in visibility in the Middle East and Africa region. Group-IB's Digital Risk Protection uncovered more than 2,400 scam pages on Facebook advertising fake jobs for Arabic speakers. On these pages, scammers spoofed more than 40 of the MEA region's largest enterprises and published vacancies offering salaries that are too good to be true, a social engineering ploy that aims to get the victims to interact with the post. The eventual goal of the threat actors is the theft of the user's social network account credentials.
Check out our fresh blog post to get more details on this scam scheme as well as recommendations for users and companies. Read
#scam
We continue to share the great news! Group-IB has joined the Asia Pacific Computer Emergency Response Team (APCERT), the largest consortium of Computer Emergency Response Teams in the Asia-Pacific region.
Group-IB's Computer Emergency Response Team (CERT-GIB) became the first Corporate Partner and only the second organization from Singapore, after SingCERT, to be accepted into the APCERT community. That's huge! By joining APCERT, Group-IB will be better equipped to identify and respond to cybersecurity threats and mitigate their impact on its customers and business operations.
Check out our website for more details
#FightAgainstCybercrime #partnership
Group-IB is proud to announce that its Fraud Protection platform has been recognized as the most complete anti-fraud solution on the market by Frost & Sullivan!
Out of nine vendors and products surveyed by Frost & Sullivan in its Global Fraud Detection & Prevention (FDP) Market Study, Group-IB's Fraud Protection differentiated itself from other offerings by being the only anti-fraud solution to contain all seven key functionalities listed by Frost & Sullivan, including bot detection, behavioral biometrics, explainable AI, and API security.
Learn more about the solution
#FraudProtection
Group-IB uncovered a new scam campaign targeting both Instagram and banking users in Indonesia, which aims to gain access to their bank accounts. Our team identified more than 600 hijacked Instagram accounts used to spread phishing links to fake websites disguised as login pages of mobile banking applications for one of Indonesia's leading financial institutions.
Want to learn how the scheme works and how to avoid falling victim to it? Visit our website to read the full story.
#DigitalRiskProtection #scam #phishing