Group-IB Threat Intelligence @GroupIB_TI
Official account of the @GroupIB Threat Intelligence Unit. Latest research, analytics, IOCs and threat alerts. group-ib.com/products/threa… Joined January 2023
Tweets: 223 | Followers: 8K | Following: 189 | Likes: 47
As 2024 continues to unfold, the urgency to prepare for cyber attacks grows. Dmitry Shestakov, Head of Group-IB’s Threat Intelligence Unit, shares key cybersecurity trends and forecasts from our report Hi-Tech Crime Trends 23/24. Read and stay ahead of the game:…
Once again, Group-IB stepped to the fore in supporting INTERPOL with another crime-nabbing operation! Get the details behind the Grandoreiro malware operation in our latest press release: bit.ly/3vjzfzi #BankingMalware #Cybercrime #Investigation #INTERPOL…
Our #cybersecurity report on #NorthAmerica, part of the #HiTechCrimeTrends series, is here! Delve into the region-tailored insights by visiting our website: bit.ly/3TgSimQ
The latest region-centered #cybersecurity #report from #HiTechCrimeTrends is out, this time spotlighting #LatinAmerica! Grab your copy now and dive into the most dangerous #cyberthreats in the region: bit.ly/3UTDf3N
Dive into #Europe's cyber landscape with our latest report. Discover why #phishing remains prevalent among European #threatactors, delve into the evolution of #emailattacks, and gain valuable insights into #cybersecurity trends in the region: bit.ly/42SXPn3
Curious about the surge in impersonation #scams, espionage threats to C-level executives, and the rise of #ransomware and #hacktivism in the Middle East? If yes, download our latest report on the MEA region, part of our #HiTechCrimeTrends series, to stay informed:…
Group-IB unveils insights into the #cyberthreat landscape in the Asia-Pacific (#APAC) region with the release of our annual #HiTechCrimeTrends #report. Get your copy of the report centered on the digital threats prevalent in this region. Download it here: tinyurl.com/3p682d2m
🚨 We've just released our latest #HiTechCrimeTrends report, a comprehensive analysis that delves into the evolving landscape of #cyberthreats worldwide. This year, we've got separate regional reports and an AI-cybersecurity section! Download it now: tinyurl.com/3h53667f
🕵️♀️ Exposing the #DarkWeb deception. Since October 2022, the #ThreatActor known as "resetmyname" has been falsely advertising "unique customer databases" from numerous #banks on various Dark Web platforms. Regularly announcing "new bank customer databases" from many countries…
The #GoldDigger family grows: Group-IB's TI Unit finds GoldPickaxe.iOS, the first #iOS #Trojan harvesting #FacialRecognition data for unauthorized bank access, targeting #APAC. It is linked to the GoldDigger family discovered last October. Learn more: bit.ly/3UHDaAq
how GoldPickaxe.iOS infects iOS devices - iOS trojan group-ib.com/blog/goldfacto… tomsguide.com/computing/malw… #golddigger
This article and headline are highly misleading. If you read Group-IB’s report, you will discover the Trojan app requests a face scan and uploads the results (video and photos) to the attacker. This is not the same as compromising FaceID data, as FaceID data only contains a…
Thanks to @GroupIB_TI for the assistance and great collaboration again 👍😎
Red Alert server is still down and was running over HTTP. Based on the code of Red Alert app and available PoC exploit, messages within the app were not encrypted
On Sunday, #AnonGhost, a well-known #hacktivist group, exploited an API vulnerability in the #RedAlert app, that provides real-time rocket alerts for Israelis. In their exploit, they successfully intercepted requests, exposed vulnerable servers and APIs, and employed Python…
In a world of advanced tech and military tensions, a dose of skepticism is crucial. Blindly trusting #hacktivist channels can lead to misinformation. Verify and stay informed responsibly. #InformationVerification
On Oct 8, #hacktivist group #CyberAv3ngers in their Telegram channel claimed to have successfully attacked #Dorad power plant (pic. 1). Group-IB’s Threat Intelligence team has discovered that the information posted by CyberAv3ngers is data that was stolen by the #ransomware…
Great work debunking hacktivist hype here. "This is yet another example of how hacktivists try to generate hype by posting data from past attacks and masquerading them as recent ones in order to attract attention."
Thanks continued: @GroupIB_TI, @briankrebs, @pcrisk, @FBI, @jgreigj, and @DrWeb_antivirus.
@GroupIB_TI's Eline Switzer, @MichalKoczwara and I, have released a report of a new #RaaS actor dubbed #ShadowSyndicate. Really enjoyed the collaborative research with two talented individuals. #CrimeFightersClub #Quantum #Nokoyawa #AlphV #CobaltStrike #Sliver #IcedID
ShadowSyndicate is a new Ransomware-as-a-Service player who's having a major impact on the global stage. We've teamed up with Group-IB and Michael Koczwara to publish a full report on the group: bridewell.com/insights/blogs… #ransomware #threatintelligence
Strong #networksecurity hinges on staying informed about high-risk threats, potential adversaries, their attack tactics, and more. Discover how Group-IB Threat Intelligence enabled a leading global bank to achieve this capability. Explore the case study for insights!…
#Lazarus Additional file: GetSymbol - v2.0.2.exe MD5: 49b8fbe174867c9933a496b94b9a93d5 SHA-1: 1493d924a65a99b1ea46aa9ad96d3b971c415440 SHA-256: 2bd5e0428a32c852b318abc44d51f65caabc2d0e83bf3e5a47ee70cde2231984 blog.google/threat-analysi…
#APT #CloudAtlas РЕЗЮМЕ_e48ef291-9b7a-49af-8f12-708d09d9f0a3.1.doc (old sample) virustotal.com/gui/file/d367d… 1Table Template URL: hxxps://supportpanel.agent-group[.]org/certificates/kainite
Group-IB's Threat Intelligence unit uncovered a #0day (#CVE-2023-38831) in WinRAR's ZIP file processing during research on DarkMe spread. Cybercriminals exploited this to create weaponized ZIP archives carrying malware, targeting traders on forums.👇
⚡️Group-IB Threat intelligence discovers a new 0-day in #WinRAR used to target traders #CVE-2023-38831 allows TAs to spoof file extensions and hide the launch of malicious script within a ZIP archive masquerading as a '.jpg', '.txt', and other formats ➡️bit.ly/45fFq44
A few tips on how you can use Censys to hunt malicious infrastructure - opendirs 🎯 You can use just one query with a few changes. For example, this is a good start 👇 (Directory listing for msf4) and services.software.vendor=`Python Software Foundation`…
Finally, our collaboration paid off 💪👍 @GroupIB @GroupIB_TI @OrangeCertCC @H_Miser #OPERA1ER #DESKTOPgroup x.com/groupib/status…
🤝 Group-IB has assisted in the INTERPOL-led Operation Nervone, aimed at successfully disrupting the operations of the cybercriminal syndicate #OPERA1ER in French-speaking Africa. More details: bit.ly/3NHlU9j @INTERPOL_HQ @INTERPOL_Cyber
@GroupIB_TI Can confirm. Highly sus. threatyeti.com/search?q=theon…
Download the #DigitalRiskTrends2023 report to learn about the #threat landscape, get full statistics on #phishing and #scam across different regions and industries and learn how to mitigate the risks for your brand: bit.ly/44FpVBT
The average number of #scam resources per brand globally in 2022 more than doubled when compared to 2021, and this growth was particularly noticeable in developing countries: bit.ly/44FpVBT
Group-IB has published #DigitalRiskTrends2023, a comprehensive analysis of #scams and #phishing. We detected a 304% increase in the number of scam resources that utilized the name and likeness of legitimate brands in 2022 compared to the preceding year: bit.ly/3XPoej4