Don't let them bust your Windows… services!
Here is the third episode of the Hunting Rituals blog series where our experienced threat hunters keep on testing hunting techniques and sharing them with you. By the way, the co-starring solution of this series is our weapon of proactive cyber defense – Group-IB MXDR.
Last time we started talking about the latest methods to capture the abuse of Windows services and even shared two hypotheses to test out. Did you have a chance to try them? If not, check it out here.
As a logical continuation of the previous two test ideas, which focused on service creation and taught you to hunt for service installation events, this time we are going to share the next two hypotheses, which concern service execution. In this blog post, we uncover attackers in disguise and cover hunting for process artifacts of files executed as services, both EXE and DLL ones.
Now we'll stop raining spoilers; just follow the link to read the blog.
#threathunting #mxdr #Window
Do you think that regular software updates are enough to keep your Apple devices safe? There are certain vulnerabilities, like checkm8, that can't be patched by just updating iOS. In our Medium post, we discuss Apple devices that are still at risk of this vulnerability. Check it out now.
#Apple #iOS #cybersecurity #vulnerability
Medium
Still using outdated Apple devices? We'll tell you why it's dangerous
An overview of the checkm8 vulnerability and how it affects old Apple products
Group-IB has been contracted by Fawry, a leading Egyptian e-payment company, following an alleged attack by the LockBit ransomware group. We are collaborating closely with Fawry to investigate and enhance system security. Further details in our press release.
#cybersecurity #LockBit #ransomware #DFIR
Our first Cybersecurity Day in Vietnam was epic!
Our top experts discussed the country's cybersecurity landscape, while teams battled it out in the CTF competition. Huge thanks to everyone who graced this event!
#cybersecurity #CTF #Vietnam #events
Reflecting on the unforgettable days our MEA team spent in Antalya!
Our MEA team recently came together in sunny Antalya to celebrate Group-IB's 20th anniversary, and it was truly legendary! Not only did our employees enjoy brainstorming sessions, but they also had the chance to explore the ancient Aspendos and Side, solving riddles of the quest together and building stronger relationships along the way. Gathering in the colosseum added an extra layer to the epicness of the event. We'll cherish these moments for years to come!
#MEAteam #GroupIB20years #Antalya #teambuilding
Ever wondered what threat intelligence is, how it is collected, and who needs it? We've got you covered. In this Medium post, we'll introduce you to the fascinating world of cyber threat intelligence, breaking it down by answering a few seemingly simple questions.
#Cybersecurity #ThreatIntelligence
Medium
Four simple questions and in-depth answers about Cyber Threat Intelligence
A detailed overview of what threat intelligence is and how a threat intelligence strategy can be built and implemented.
The festive vibe is still in full swing, and it's time for our Europe team to shine! As we celebrate our 20th anniversary, Europe GIB rockstars gathered in Amsterdam for a scenic boat ride down its iconic canals, leading to the stunning riverside concert hall that set the stage for an incredible experience. Despite the chilly weather outside, the room was filled with hugs and heartwarming conversations. Here's to more quality time together within our GIB family!
#GroupIB20years #EuropeTeam #GIBfamily #teambuilding #amsterdam