Group-IB – Telegram
Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.
#REvil #JBS
REvil strikes again! A cyberattack on JBS SA, the largest meat producer globally, forced the shutdown of all its U.S. beef plants.

🔹According to Bloomberg, the shutdown wiped out the output from facilities that supply almost a quarter of American supplies. All of the company’s fed-beef and regional beef plants were forced to shutter, and all other JBS meatpacking facilities in the country experienced some level of disruption to operations. Slaughter operations across Australia seemed to also be down.

🔹It’s unclear exactly how many plants globally have been affected by the ransomware attack, as Sao Paulo-based JBS has yet to release those details. However, an anonymous CNBC source reported that the well-known hacker group REvil is behind the cyberattack.

💬 “REvil is distributed through a ransomware-as-a-service model, which was semi-public until recent events,” says Oleg Skulkin, Lead Digital Forensics Specialist at Group-IB. “Just like many others, their affiliates are of various skill levels, so they can attack a wide range of targets, from small companies to giants like Acer, and now - JBS. The program accepts only Russian-speaking affiliates; at the same time, there isn't strong evidence they are located in Russia or even CIS countries. REvil started to be even more active as, according to their public persona, many Darkside affiliates and those who worked with other programs which closed recently switched to them.”

🔹Earlier this year we published Ransomware Uncovered 2020 / 2021, a complete guide to the latest tactics, techniques, and procedures of ransomware operators, giving readers an intimate look at each step threat actors take, from initial access to exfiltration. This free report is now relevant as never before. We highly encourage going through our findings and conclusions if you haven’t done so already.
#Attribution #FontPack
You’ve just noticed a suspicious pop-up asking for a browser or a flash player update? Be careful! There’s a chance your personal data is about to be stolen.

🔹Curious to see how attribution works? Our new blog post explores behind-the-scene practices of Group-IB Threat Intelligence & Attribution team.

🔹Attribution becomes harder every year. The number of unique malicious programs is decreasing while affiliate programs (collaborations between threat actors) are on the rise, with the number and quality of attacks both going up. Nikita Rostovtsev, an analyst at Group-IB Threat Intelligence, will demonstrate the attribution in practice by examining a malicious landing page that Group-IB specialists are tracking as FontPack. You will see what this page distributes and how it manages to do so, as well as learn other interesting points that Group-IB has uncovered.

Check out the new blog now!
#cybersecurity #bestpractises #education
Next week we are hosting a Digital Risk summit with some really exciting speakers taking part!

This event is a perfect opportunity to enhance your skills and get exclusive cybersecurity insights from industry experts.

The agenda highlights include:

🔹Digital Risk Global Trends 2021
🔹Scam as the main growing trend
🔹Group-IB Digital Risk Protection
🔹Next-gen solution sharing session
🔹Industry-specific case studies
🔹How to manage the human risk in cybersecurity
🔹Scam Intelligence
🔹Q&A session

Register for our summit now to join cybersecurity practitioners, dive deep into new technologies, get insights from practical use cases and learn all about our next-level Digital Risk Protection solution 🛡
#instagramlive #digitalrisks
We’re doing an Instagram Live Stream tomorrow at 6PM Amsterdam time!

🔹 Scammers often impersonate famous brands online for their own gain. In 2021 companies, celebrities and non-profit organizations are all under high risk.

🔹 What are the key points to know about online scams in 2021? What should you do if you are a business owner? And are you in danger if you are just a regular person with no brand behind you?

🔹 Tomorrow Camill Cebulla, our Sales Director in Europe, will be joined by Dmitry Tyunkin, Head of Group-IB Digital Risk Protection in the region to discuss the scam threat as well as answer all your questions!

Tune in tomorrow at 4PM GMT / 6 PM Amsterdam time via our Instagram account @GroupIBHQ

Get your questions ready and see you tomorrow!
#digitalrisk #cybersecurityawareness
First ever Digital Risk Summit. Live from Amsterdam. 2 days to go.

🎙The Digital Risk summit is almost here. Join us to find out more about:

👉 The growing scam threat, how it came about and what trends we can expect in the future
👉 What other companies and worldwide organizations have done so far to secure their brand online
👉 Steps you should take to safeguard your brand if you have one
👉 How to stay vigilant if you are a regular person looking to avoid scams

🛡 Finally, we’ll discuss how Group-IB is able to help organizations, business owners and celebrities to safeguard their brands.

We’re looking forward to seeing you this Thursday.

➡️ Register now!
#DigitalRisks #Summit #Cybersecurity
The Digital Risk Summit is just one day away!

🔹Pascal Hetzscholdt is a Senior Director (Content Protection) at Wiley Publishing Company. His impressive background includes the Dutch National Police, Hollywood movie studios and Motion Picture Association!

🔹We are incredibly honored to have Mr. Hetzscholdt join us for the Digital Risk Summit, bringing a fantastic report about IP and content protection.

🔹The summit participants will be introduced to current challenges, the state of the cybercrime landscape and important must-have tools and practices everyone should use to fight back against cybercriminals.

We’ve only just scratched the surface of what Pascal has in store for the summit. Make sure to join us tomorrow for a truly exciting presentation. Register now!
#digitalrisks #summit
The virtual doors of the Digital Risk Summit are now wide open!

Independent analysts, cybersecurity experts, companies from various industries and some of the best Group-IB specialists are coming together for this exciting event!

⭐️ Get ready to hear some exciting reports and dive into practical cases showcasing how different organizations protect their brands online.

💪 On top of that we will present the ultimate Group-IB solution for fighting scammers.

📺 Curious to hear more? Be sure to join the live stream!
What a day! The Digital Risk Summit has officially concluded with lots of online participants having joined us!

📈 During the summit we presented the findings of our research into various fraudulent schemes, obtained with the help of the neural networks and ML-based scoring of the Group-IB Digital Risk Protection system, which was developed based on the expertise gathered by Group-IB in over a thousand successfully solved investigations worldwide. Group-IB DRP analysts researched a multitude of fraud schemes and the damage they cause to industries worldwide.

👨‍💼Conference participants included the United Nations International Computing Centre (UNICC), the global market research and advisory company Forrester, and Scamadviser, an independent project.

Read our overview of the event here.
#cybersecurity #digitalrisks
The Digital Risk Protection platform 👇

🔹Identifies illegitimate use of digital assets
🔹Classifies and scores the detected violations
🔹Prioritizes and initiates appropriate takedown tactics

The solution uses advanced technologies to detect any illegitimate use of your logos, trademarks, content, and design layouts across the digital surface.

Curious to know more? Head over to our website 😉
#GISEC2021 #MEA
GISEC 2021 was a blast!

👨‍💻 Thank you so much to everyone who visited our stand, talked to our team, watched us on stage or simply followed our live updates on social media.

🌍 Group-IB made a noticeable contribution to this year’s edition of the largest cybersecurity showcase in the region, and with the new Dubai HQ now up and running, we feel strong to bring our presence and services in the Middle East on to the next level!

We hope you like our video recap and see you again soon!
#books #cybersecurity
One of the most popular questions we’re getting has to be about books

💡 Many of our followers are keen to get into digital forensics, incident response, or malware analysis, but are not sure of the best guide to get started. Others, while already professionals, are eager to take their skills to the next level.

📚 So do we have the right recommendation for everyone passionate about cybersecurity?

Most definitely! In fact, a while ago we posted a blog going through 11 books useful for both beginners and high level professionals.

We have also added a detailed description for each one of our recommendations, so make sure to have a look ☝️

Of course, this is by no means a complete list; however, it’s a great start for everyone striving to expand their knowledge and skills.

Don’t have enough time to go through the blog? No worries - we’ve listed all 11 books below:

1. File System Forensic Analysis by Brian Carrier
2. Incident Response & Computer Forensics, Third Edition by Jason T. Luttgens, Matthew Pepe, Kevin Mandia
3. Investigating Windows Systems by Harlan Carvey
4. Digital Forensics and Incident Response, Second Edition by Gerard Johansen
5. Windows Forensics Cookbook by Oleg Skulkin and Scar de Courcier
6. The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory by Michael Hale Ligh
7. Network Forensics by Ric Messier
8. Practical Mobile Forensics: Forensically investigate and analyze iOS, Android, and Windows 10 devices, Fourth Edition by Rohit Tamma, Oleg Skulkin, Heather Mahalik, Satish Bommisetty
9. Learning Android Forensics: Analyze Android devices with the latest forensic tools and techniques, Second Edition by Oleg Skulkin, Donnie Tindall, Rohit Tamma
10. Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware by Monnappa K. A.
11. Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats by Alex Matrosov, Eugene Rodionov, Sergey Bratus

Enjoy reading 🙂
#digitalriskprotection #scams
Scam cases are on the rise

🕵️‍♀️ According to the Singapore Police Force's Annual Crime Brief 2020, there were 14,236 cases last year, including Internet love scams, impersonation scams and loan scams, with losses totalling $201.2 million. In 2019, there were 8,397 cases, with total losses at $121.8 million.

👨‍💻Mr Ilia Rozhnov, head of cyber-security company Group-IB's Digital Risk Protection department in the Asia-Pacific, explained that the Covid-19 pandemic has been a catalyst for the spike in the number of scams.

💬"There is the phenomenon of Scamdemic - an influx of online scams as more around the world dived online last year, when people were forced to go digital and make payments online, and use e-services," he said.

"According to Group-IB's data, last year, scams dominated the online cyber-criminal scene, totalling over 70 per cent of all online crimes."

➡️ Click here to read the full story.
#blog #ransomware
REvil Twins: Deep Dive into Prolific RaaS Affiliates' TTPs

🔹Ransomware continues to dominate the cybercriminal scene in 2021. The number of attacks as well as the ransom demands seem to be growing quickly. According to the Ransomware Uncovered 2020-2021 report, the Ransomware-as-a-Service model, which involves the developers selling/leasing malware to the program affiliates for further network compromise and ransomware deployment, became one of the major driving forces behind the phenomenal growth of the ransomware market.

🔹Group-IB DFIR team observed that 64% of all ransomware attacks it analyzed in 2020 came from operators using the RaaS model.

🔹In our new blog post by Oleg Skulkin, Senior Digital Forensics analyst at Group-IB, we focus on one of the most active ransomware collectives, REvil, and their RaaS program, which attracts more and more affiliates due to the shutdown of other RaaS.

🔹Our experts took a deep dive into the modus operandi of REvil affiliates and shared some information on various affiliates' tactics, techniques and procedures observed, so defenders can tune their detection capabilities accordingly.

🔹Make sure to save the detection tips and REvil affiliates’ TTPs mapped in accordance with MITRE ATT&CK by Group-IB DFIR team.

➡️ Click here to read the blog now.