#DeepSec #PlugX #Vienna
Group-IB at DeepSec 2021
Artem Artemov and Rustam Mirkasymov from Group-IB Europe will present a deep overview of #PlugX – a tool used by Chinese nation-state APTs. Based on a real-life incident response case with a big industrial company, Group-IB experts analyzed the tool’s functionality, its past versions, and its current usage.
If you are at #DeepSec make sure to attend the talk on Nov 19, 2.50 pm, to learn why PlugX is hard to find, why it’s important for big industrial firms to detect it, and why all recent big attacks - first Sunburst and then Exchange exploits (ProxyLogon related to Hafnium) - are links of one chain.
More about the talk: https://bit.ly/3Csa6QE
#CyberCrimeCon21 #cybersecurity #conference
Meet Group-IB #CyberCrimeCon21 speakers!
On December 2, Cyber Threat Intelligence Manager at CyberSOC Africa Olakanmi Oluwole will introduce you to the African and Nigerian threat landscape and talk about the takedown of a bank #fraud syndicate group.
Register here -> https://bit.ly/3qkPozr
#CyberCrimeCon21 #cybersecurity #conference #ransomware
Meet Group-IB #CyberCrimeCon21 speakers!
What is a cybersecurity conference without a ransomware discussion? On Dec 2, Group-IB Digital Forensics and Malware Analysis Laboratory head Oleg Skulkin will give a broad overview of the ransomware market and touch upon its latest developments. Join Oleg’s presentation to learn:
🔺ransomware attack growth rate in 2021
🔺what is the average ransom payment
🔺what rebranding on the ransomware market looks like
🔺what are the most common initial access techniques and much more
Register here -> https://bit.ly/3qkPozr
#RedCurl #ThreatIntelligence #Espionage
RedCurl: The awakening
After a break of more than half a year, #RedCurl returned to the corporate cyber #espionage arena. In its new report Group-IB uncovers the latest attacks of the group and analyzes the evolution of their toolset.
Since the beginning of 2021, the Group-IB Threat Intelligence team has identified four attacks. One of the victims was a Russian wholesale company, which RedCurl attacked twice. The location of the two other victims remains unknown.
The group added a new reconnaissance tool whose code shares many similarities with the FirstStageAgent module (Group-IB named the tool FSABIN), as well as a PowerShell downloader for the tool.
Download the report for more details: https://bit.ly/3DsP7yj
#RedCurl #Timeline #Killchain
If you haven’t already, you can read the report “RedCurl: The awakening” at https://bit.ly/3DsP7yj
#CyberCrimeCon21 #cybersecurity #conference #APT
Meet Group-IB #CyberCrimeCon21 speakers!
Ladislav Baco, head of research department at IstroSec, will share his findings about an #APT campaign targeting European governments, diplomats, individuals and think-tanks. Join the talk to learn about the tools and infrastructure used in the attacks.
Register here -> https://bit.ly/3qkPozr
Forwarded from The Hacker News
RedCurl, a Russian-speaking cyberespionage hacker group, has returned after a seven-month hiatus with new attacks on four companies this year while improving its toolkit to thwart analysis.
Details: https://thehackernews.com/2021/11/redcurl-corporate-espionage-hackers.html
#CyberCrimeCon21 #cybersecurity #conference
CyberCrimeCon 2021 presents the conference’s second track: Espionage and Vulnerabilities!
Cyber #espionage is a devastating trend that has lasting effects not only on businesses, but even entire governments. Meanwhile, critical vulnerabilities, like the one that resulted in the “Zoom bombing” phenomenon of the early pandemic days, continue to affect everyday users.
This year, CyberCrimeCon will present all that you need to know about cyber espionage by the most notorious APT groups and vulnerabilities. Leaders from Group-IB and the wider cybersecurity community will present exclusive insights and share their predictions for what 2022 may bring.
We’d like you to meet the Track 2 speakers! Group-IB APT Research Analyst Nikita Rostovcev will share his findings on the notorious #APT41 group and its recent “world tour,” during which cybercriminals targeted dozens of companies in Asia, Europe, and North America.
If you have zero tolerance for cybercrime, tune in to #CyberCrimeCon2021 on December 2.
Register here -> https://bit.ly/3CSq1YJ
#CyberCrimeCon21 #cybersecurity #conference #APT
Meet Group-IB #CyberCrimeCon21 speakers!
What can be more exciting than a new APT group? Maybe an APT carrying out trusted relationship attacks while btw trying to mimic cybersecurity vendors?
On December 2, Denis Kuvshinov, the head of CTI Group at Positive Technologies, will share with you details on the newly discovered APT group ChamelGang that attacked numerous organizations worldwide.
Register here -> https://bit.ly/3CSq1YJ
#CyberCrimeCon21
Meet Group-IB's CyberCrimeCon21 media partners!
Techzine targets IT/security professionals and decision makers, and has a relentless focus on quality and giving profound insights. Techzine understands the world of IT and security, how solutions work, or how they should work, and why customers should consider them or not.
https://www.techzine.eu
#CyberCrimeCon21 #cybersecurity #conference #APT
Meet Group-IB #CyberCrimeCon21 speakers!
Attention all state-sponsored APT lovers! On December 2, Group-IB Senior Malware Analyst Dmitry Kupin will analyze espionage campaigns of Chinese state-sponsored APT groups in APAC.
Starting with the analysis of Webdav-O malware, Dmitry will examine its links with the toolset of the hacker group #TaskMasters and will even go further to link this group to another Chinese threat actor — APT #TA428.
Curious?
Register here -> https://bit.ly/3CSq1YJ
#CyberCrimeCon21 #MediaPartner
Introducing Group-IB's CyberCrimeCon21 media partners!
CPO Magazine provides news, insights and resources to help data privacy, protection and cyber security leaders make sense of the evolving landscape to better protect their organizations and customers.
https://www.cpomagazine.com
#CyberCrimeCon21 #cybersecurity #conference #vulnerability
Meet Group-IB #CyberCrimeCon21 speakers!
On December 2, Senior Security Researcher at VNPT Cyber Immunity Quynh Le will share her findings about attacks on #Java deserialization.
Register here -> https://bit.ly/3CSq1YJ
#CyberCrimeCon21 #cybersecurity #conference
Introducing CyberCrimeCon21 media partners!
Cyber Defense Magazine is by ethical, honest, passionate information security professionals for IT Security professionals. #CDM's mission is to share cutting-edge knowledge, real-world stories on the best ideas, products, and services.
Tune in for updates from Group-IB's CyberCrimeCon: https://www.cyberdefensemagazine.com
#cybersecurity #distributor #India
Group-IB is pleased to announce it has signed a distribution agreement with the Indian branch of Ingram Micro, the world’s leading wholesale distributor of technology products and services.
Ingram Micro will grant organizations in the country access to Group-IB’s proprietary technologies dedicated to deterring and probing into cyberattacks, and safeguarding against online fraud and intellectual property misuse.
"We are excited to work together with Ingram Micro to boost our presence on the competitive Indian market. Ingram Micro’s strong position on the market will help Group-IB scale up its presence in India and further grow its business. Group-IB has been actively branching out into new countries in the Asia-Pacific, and it’s been part of our growth strategy to engage reliable partners who share our philosophy," comments Nishant Ranjan, Group-IB Regional Sales Director ASEAN & India.
Learn more -> https://www.group-ib.com/media/gib-ingram-micro-india/
#CyberInvestigations #Italy #FakeCovidCertificates
⚡️⚡️⚡️Operation “NO-VAX FREE”!
Group-IB has assisted Guardia di Finanza (GdF), the Italian law enforcement agency responsible for dealing with financial crime, in the probe into the work of fraudsters who sold fake #GreenPass via #Telegram. The buyers were promised «authentic Green Passes with QR codes» — the proof of vaccination, a negative test or recovery from COVID-19. The sellers claimed it was possible thanks to the complicity of health workers. In reality, they were nothing but fake.
Group-IB’s Amsterdam-based hi-tech crime investigation unit managed to confirm the existence of at least 35 Telegram channels offering fake Green Passes for sale, with their total audience amounting to about 100,000 users, and carried out research to help reveal suspected perpetrators’ identities.
➡️ https://bit.ly/3ld6PyA
To get a Green Pass, the potential customer is asked to create a secret chat on Telegram with the seller — by doing so, threat actors hoped to protect themselves against potential disclosure. The customer is then asked to reveal their personal info that is allegedly contained in the QR code. After receiving the personal information of the buyer and the payment, threat actors either delete the chat and disappear, or send back a fake QR code.
According to Group-IB Digital Risk Protection (DRP) analysts, the average price for fake Green Passes sits at €100 and depends on its form — either digital or printed. The fraudsters offer their customers various payment methods, including cryptocurrency payments (Bitcoin, Ethereum), PayPal money transfer or voucher payments, like Amazon gift cards.
With the support of Group-IB, the GdF provided a complete report to the Milan Public Prosecutor’s Office, after which it embarked on a law enforcement action that led to several searches in Veneto, Liguria, Apulia, and Sicily. The suspects admitted the offence: https://www.youtube.com/watch?v=CBvqyfG-rEc