Skip to content
February 24, 2020Insider Trading, At Your ServiceEditorial TeamAs the dark web economy evolves, it increasingly becomes a “negative mirror” of the legitimate economy on the world wide web. It looks much like that old Star Trek episode where Captain Kirk and his cohorts are transported to a parallel evil universe – everyone and everything looks the same, they’re just evil. On the […]
February 4, 2020Biometric Security: More Risk than RewardEditorial TeamUsing biometrics for authentication has always been a source of controversy. At face value, it seems like a fool-proof way to authenticate users (everyone has unique fingerprints, right?). But dig a level deeper, and biometric access management systems store that fingerprint (or iris, or facial map, or walking gait) as data. And, we all know […]
January 31, 2020The Dark Web in 2020: More Cybercrime, Exit Scams and a Decentralization of MarketsEditorial TeamAs we look ahead to what this new year brings, we wanted to offer our expectations for dark web markets in 2020. Dark Web Expectations In a previous blog post called “The Commercialization of the Dark Web,” we mentioned the increased competition between threat actors and how they have begun offering services that ‘dumb down’ […]
December 17, 2019IoT Risks from the Dark Web – Shodan EyeEditorial Team GroupSense continuously monitors, collects and analyzes data from multiple open source and dark web locations on the internet. This is done to allow our team of analysts and researchers to understand the tactics, techniques and procedures used by threat actors. We review the data for possible signs of attacks, data leakage or other negative outcomes […]
December 10, 2019Mitigating Breached Credentials on the Dark Web: Where Cyber Threat Intelligence ShinesEditorial TeamBreached credentials are rampant on the dark web, with cybercrime steadily rising in 2019. This shouldn’t come as too much of a surprise given the frequency of data breaches is increasing every year. In fact, there have been almost 15 billion records breached since 2013. The reality is that following data breaches, the credentials of […]
November 27, 2019Dark Web Greed and Grudges: A Hacker Soap OperaEditorial TeamCryptocurrency exchangers store enormous amounts of funds, so it should come as no surprise that they are an increasingly attractive target for hackers. But now there’s a new element in this saga to contend with: hackers exposing data breaches as a way to air their grievances and promote personal feuds. Take the well-known Bitmax Crypto […]
November 25, 2019The Commercialization of the Dark WebEditorial TeamThe dynamics of the dark web are changing, and not in a good way. It’s now easier than ever for any individual – even those with minimal security or IT background – to sell or buy services on the dark web and become a successful cybercriminal. GroupSense researchers recently found posters on the dark web […]
November 19, 2019Blood Bank Data Dump Puts Third-Party Risk in the SpotlightEditorial TeamMany organizations focus their security efforts on protecting their own assets but neglect to consider the risks introduced by their supply chain and third-party partners. GroupSense researchers’ latest findings shed a spotlight on this very issue. Researchers detected a data dump of 1,128,031 records associated with an online blood bank that matches hospitals and donors […]
October 23, 2019Rise of Threat Actor Groups on the Dark WebEditorial TeamThe dark web is constantly changing, and in the same way that marketplaces come and go, new groups form and disband. In recent months, GroupSense researchers have observed several groups forming. In this post, we will compare the differences between a threat actor motivated by ideology and a fraudster looking to profit financially from a […]
October 22, 2019Securing Our Children’s Future: Take Control of Identity Theft Targeting ChildrenEditorial TeamIdentity theft is a growing concern across the globe and threat actors have already turned their attention to children. A recent report shared that over 1 million children in the U.S. were victims of identity theft in 2017, costing families $540 million in out-of-pocket expenses. The identities of children make attractive and high value targets […]
October 10, 2019The Fall of Darknet MarketsEditorial TeamLast week, in Darknet Drama, we discussed the increase of disappearing admins of darknet markets. Recently, we’ve found an abundance of evidence confirming our predictions for more casualties in the darknet. First, one of the most valued sources of leaked intel, “Intel Repository”, went down, as confirmed by this thread on darknet cybersecurity location “Torum”: […]
October 3, 2019Darknet DramaEditorial TeamThe darknet is under attack by law enforcement and even those within its own community. There seems to have been a never-ending stream of darknet incidents since the beginning of 2019. The year began with DDoS attacks on rich darknet markets, most likely from different sources, and with different goals. After Dream Market succumbed and […]
September 30, 2019How Cyber War Games Can Impact the Cyber Security IndustryEditorial TeamCollaboration and communication within the cybersecurity industry are key to thwarting cyber attacks from threat actors. As we have repeatedly seen, threat actors constantly communicate with each other, especially through the dark web, attempting to sell their services and products. The third annual Cyber War Games, expertly crafted by our partner, TLR Communications, took place […]
September 24, 2019The Nightmare of Disappearing Darknet MarketsEditorial TeamThe administrators of the Nightmare Market performed an exit scam In July 2019. Discussion and speculation around exit scams is common on dark web forums, as demonstrated in the following images. Figure 1: Exit scam motivations The screenshot above is from a reputable darknet forum. In it, a user named “r00b00t” explains their view on […]
August 14, 2019Anti-vaxxers Could Be Turning to the Dark Web for Help in Avoiding VaccinationsEditorial TeamThe anti-vax movement has always claimed that vaccines are at the root of a wide-range of health problems for kids. Some have attributed them to autism while others have claimed that they cause long-term health issues. Whatever the case may be, the group attributed to this movement have sometimes thrown medical research or advice out […]
August 8, 2019Another Day, Another Breach: A Few Thoughts on How We Can Do BetterEditorial TeamBreach announcements come with such frequency these days that it is hard to keep track. When a major finance company was breached last week, most of us in the information security industry assumed the usual vector and outcomes. This one was different, and much noise is being made about the methods and infrastructure affected. For […]
June 28, 2019Empire Market Could be the Next Dropped or Seized Dark Web MarketplaceEditorial TeamThe seizures and disappearances of numerous major dark web marketplaces, including Hansa, Dream Market, Wall Street, and Rapture have left Empire Market as the largest and most likely last major dark web market. In the past two months, Empire Market has dominated its niche on the dark web with posts and offers of drugs, fraud, […]
June 4, 2019A CISO’s Perspective: Michael Lines Shares How CISOs Can SucceedEditorial TeamAs a CISO, you constantly worry if today is the day you’ll have a security incident. It’s a common problem. There are huge expectations on you and your team, but the support from the business is not always in line with those expectations. For today’s post, we interviewed cyber risk expert Michael Lines. Over the […]
May 15, 2019Venezuela’s Unrest Evident on the DarknetEditorial TeamIn case you’re unaware, there’s significant unrest in Venezuela. The country has had political and civil unrest for years, but recently came under increased global scrutiny due to the continued collapse of its economy, and its worsening living conditions. Its people have suffered from power outages, water shortages and lack of toilet paper, food, and […]
April 24, 2019Supply Chain and Third Party Risk: A growing concern for enterprise and governmentsEditorial TeamCyber reconnaissance isn’t just about protecting your organization – it’s also about keeping an eye on your business partners and supply chain. This is important, as attackers often find it easier to breach third-party suppliers and move laterally into well protected organizations. Larger organizations – including government institutions – typically have strong, mature security programs […]
April 19, 2019Billions of credentials spanning 1,700 breaches released onlineEditorial TeamAn unnamed Russian threat actor has released a file containing 3 billion unique combinations of emails and passwords on a well known Russian forum. The records appear to have been sourced from an illicit distributor of credentials, claiming to have 13 billion records. Figures 1 & 2 above are screenshots of breached credential websites operated […]
April 1, 2019Don’t Be April Fooled by Cyber FraudEditorial TeamWith losses skyrocketing past $1.4 billion, cyber fraud is no laughing matter. Last year alone, over 300,000 consumers reported cyber fraud and malware attacks to the FBI’s Internet Crime Complaint Center (IC3). In celebration of a fool’s holiday, we thought we’d share a few interesting tools and scenarios we’ve seen recently, so without further ado […]
March 25, 2019The 5 Reasons WhatsApp Could be a National Security RiskEditorial TeamLast week I was asked by one of the 24-hour news networks to comment on camera about Jared Kushner’s use of WhatsApp for official White House business. The news network wanted my thoughts on the vulnerabilities and risks associated with this behavior. My first thought was that this was outside the core focus of what […]
March 19, 2019Facebom: A targeted bruteforce tool poses a serious threat to individuals and enterprisesEditorial TeamRecently, “teamkelvinsecteam’, one of the most active hacking groups released Facebom on a deep web forum; Facebom is an individualized brute force software targeting Facebook. Due to the targeted nature of this tool, the GroupSense research team believes Facebom poses a threat to individuals and enterprises alike. So what if everyone’s Facebook account gets hacked? […]
March 7, 2019VOIP Voice Conversations Posted on Forum, PII ExposedEditorial TeamBy virtue of monitoring conversations in illicit forums, our team frequently stumbles across some unwitting enterprise’s data. Often the data is in the form of a database dump, personally identifiable information (PII), account information, or credentials. Occasionally, though, there is something unique. What’s worse than a data dump? Recently our team observed a well-known threat […]
January 29, 2019The Rise of Cyber Threat Intelligence in the War on Internet FraudEditorial Team
January 7, 2019Signal Versus NoiseEditorial Team
November 6, 2018The Death and Resurrection of Intel CutoutEditorial Team
November 5, 2018Leaked Voter Databases Could be Weaponized for Election MeddlingEditorial Team
October 10, 2017Behind the Scenes: CISOs and the Intelligence CommunityEditorial TeamWhy would companies be recruiting and hiring information security executives from the Intelligence Community? The answer is in the intelligence discipline and how it applies to a holistic and effective security program.
October 9, 2017How To Use The Intelligence Cycle To Secure Your BrandEditorial TeamThe Intelligence Cycle in Action: A case study illustrating how the Intelligence Cycle enables intelligence and security professionals to establish a plan of action and execute on that plan to deliver a high-quality intelligence product to their clients.
July 24, 2017How to Use Maltego to Conduct Threat ResearchEditorial TeamMaltego is an interactive, visual data mining and link analysis tool used to conduct online investigations through a library of plugins called “transforms.” In this guide, we'll show you how to use Maltego to do threat research within your own organization.
