Monitoring deep, dark and surface web to detect exposure of your sensitive data, secret projects and initiatives, privileged users, critical systems, IT infrastructure, and more.
Monitoring and alerting of third party data breaches impacting your employees’ emails, usernames, and personally identifiable information.
Assess the risk footprint and security posture of key business relationships to get a handle on external risk introduced through your extended attack surface.

Sign Up for Updates

Digital risk monitoring of key personnel with telemetry and risk metrics. VIPRecon provides broad coverage of social media, deep and dark web, as well as physical threat assessments.
Our Ransomware Response Readiness Assessment, Playbook and Table Top Exercise gives your organization the best chance to survive and recover.
Gain visibility of your digital footprint by reaching into the most active areas of the cyber underground.
Fully managed and tailored Threat Intelligence services that becomes an extension of your current security processes and provides real-time visibility on new threats.
Providing research and investigations into known threats, to save security teams time and stress during a cyber emergency.

Sign Up for Updates

GroupSense offers a comprehensive package of services for assessing and responding to ransomware attacks, including negotiations with threat actors.
Actively researching and monitoring threats from vendors or third-party companies that can affect organizational security.
Monitoring for threats to elections, VIPs, and more on social media to proactively prevent or mitigate digital risk.
Focusing on the threats and risks that matter to your security processes and providing intelligence and insights to prevent or mitigate digital risk.
Taking the next step in security services, by proactively taking down phishing sites or anonymously interacting with threat actors to provide better intelligence.
Active monitoring of your brand's digital assets to protect its reputation and stop further brand abuse from targeting unsuspecting victims.

Sign Up for Updates

Combining your cyber and fraud programs to effectively fight threat actors continually scamming or threatening assets within an organization.
Executives are prime targets for fraudulent activities, but with a proactive approach, any attacks or threats can be neutralized before causing any damage.
Governments, political parties and candidates must all act now to activate cyber threat intelligence services to harden their information security and get ahead of inevitable cyber threats to the election process.


Squid Games Ransomware Cyber Drill

By Editorial Team on Jan 19, 2022 11:24:05 AM

Earlier this week, GroupSense's CEO, Kurtis Minder, participated in AIMA's APAC Webinar: Cybersecurity x Ransomware: Squid Games Edition.

Topics: Blog

Security Analytics & XDR Demo Forum

By Editorial Team on Jan 12, 2022 10:10:05 AM

GroupSense’s CTO, Adam Bregenzer, participated on the Security Analytics & XDR Demo Forum with Richard Stiennon, as well as BlackCloak, Cyberint, and Digital Shadows. They discussed Digital Risk Protection around intel collection strategy, initial access brokers, and threat intel SOC integration.

Topics: Webinar Events

New Wave of Jan. 6 Conspiracy Theories

By Editorial Team on Jan 6, 2022 5:45:02 PM

Bryce Webster-Jacobsen, Director of Intelligence Operations at GroupSense, was quoted in Axios' article, "New Wave of Jan. 6 Conspiracy Theories". Bryce spoke to Sara Fischer, Media Reporter at Axios, about conspiracy theories surrounding the January 6th attack on the U.S. Capital. 

Topics: News

The Top 5 Cybersecurity Tools Companies Need to Implement Right Now

By Editorial Team on Jan 3, 2022 4:46:25 PM

Kurtis Minder, GroupSense CEO, started 2022 off on the right foot with a feature on Infosecurity. He shared his top five cybersecurity tools that companies need to implement right now. While these items may be considered “cybersecurity 101,” you’d be surprised how many organizations don’t have these measures in place. Below is a snippet from the article. 

Topics: News

Seven Tips for Negotiating with Hackers (or Anyone for that Matter)

By Editorial Team on Dec 30, 2021 12:47:57 PM

Kurtis Minder, GroupSense CEO and cofounder, sat down with Joe Meadows, Partner at Gordon & Rees, and talked about seven tips for negotiating with hackers (or anyone for that matter!). Here are a few highlights of that conversation:

Topics: News Blog Ransomware

GroupSense to Speak at CactusCon in Two Ransomware Sessions

By Editorial Team on Dec 28, 2021 3:03:16 PM

GroupSense CEO and co-founder, Kurtis Minder, Intelligence Analyst, Nicole Hoffman, and Director of Intelligence Operations, Bryce Webster-Jacobsen, are speaking at CactusCon February 4-5, 2022. 

Topics: Webinar Events

Ask Me Anything Webinar with Abacode

By Editorial Team on Dec 28, 2021 11:30:04 AM

Ransomware attacks have increased significantly over the past year. On Tuesday, February 22nd, join Jeremy Rasmussen, Chief Technology Officer at Abacode, and renowned ransomware negotiator and CEO of GroupSense, Kurtis Minder, to get behind the scenes exclusive access and insight into what happens after a ransomware attack.

Topics: News Webinar Ransomware Events

AIMA APAC Webinar: Cyber security x Ransomware

By Editorial Team on Dec 27, 2021 2:13:08 PM

On January 18th, Kurtis Minder, GroupSense CEO, will join AIMA for their APAC Webinar: Cyber security x Ransomware: Squid Games Edition.

Topics: Webinar Events

NYLIB: Cyber Security Panel Discussion

By Editorial Team on Dec 27, 2021 1:46:16 PM

GroupSense CEO Kurtis Minder, will join NYLIB as a keynote speaker highlighting his experience in the cyber security space. Afterwards, NYLIB will host a panel discussion focused on cyber security risks facing banks, current trends, and best practices.

Topics: Webinar Events

Five Ransomware Predictions for 2022

By Editorial Team on Dec 22, 2021 9:30:00 AM

In 2021, we saw a steady rise in the number of ransomware attacks. It’s projected that global ransomware damage costs will reach $20 billion by the end of 2021. Nearly every week, you hear of a new high-profile catastrophic breach, but organizations of all sizes have been critically impacted by ransomware and cyber threats.

Topics: Blog Ransomware

GroupSense's Kurtis Minder and Nicole Hoffman to Speak at RSA

By External Author on Dec 21, 2021 5:33:49 PM

GroupSense CEO and co-founder, Kurtis Minder, and Intelligence Analyst, Nicole Hoffman, are speaking at the RSA Conference June 6-9, 2022.

Topics: Webinar Events

The Bad Actors – The Extortion Economy

By Editorial Team on Dec 17, 2021 2:53:29 PM

Kurtis Minder, Ransomware Negotiator and GroupSense CEO, was featured on MIT Technology Review & ProPublica's: The Bad Actors – The Extortion Economy podcast. This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. The podcast dives into the criminal world where the stakes are high, but the methods are increasingly business-like and meet the people who interact with the ransomware hackers.

Topics: News Ransomware Podcast

Impact of CVE-2021-44228 Apache Log4j Vulnerability

By Editorial Team on Dec 16, 2021 3:42:30 PM

GroupSense performed a deep and dark web investigation into the critical remote code execution (RCE) zero-day impacting the Apache Java-based logging utility Log4j (CVE-2021-44228). This high severity vulnerability is already being actively exploited in the wild, per numerous public reports. The attack vector is extremely trivial for threat actors to exploit, requiring only a single string of code, and impacts software products from numerous vendors. The US Cybersecurity and Infrastructure Security Agency is maintaining an updated list of affected vendors.

Topics: Blog

CynergisTek's Healthcare Ransomware Bootcamp Recap

By Editorial Team on Dec 13, 2021 1:19:21 PM

On December 9th, Kurtis Minder, GroupSense CEO, presented at the CynergisTek Healthcare Ransomware Bootcamp.

Cyber Resilience is like muscle – training helps you achieve more. In this Ransomware Bootcamp seminar, you will learn about the changes to cyber insurance and how to prepare for them, an inside perspective from a ransomware negotiator, and steps on how to train your resilience muscle to strengthen your defensive and offensive strategies. 

CynergisTek, Lockton Companies, and GroupSense provided insider insights on how to stay ahead of the curve and protect yourself from being the next target.

"The healthcare industry lost an estimated $25 billion to ransomware attacks in 2019," SafeAtLast.

Elissa Doroff, Managing Director & Cyber Technical Leader at Lockton Companies, presented "Cyber Insurance - The Effects of Ransomware". Ransomware attacks accounted for 41% of all filed cyber insurance claims in the first half of 2020, according to a report by Coalition. To keep up with the cost, and rise in claim occurrence, cyber insurance providers are implementing compliance requirements that, depending on compliance capability, might increase your coverage cost or deem you ineligible to be insured at all.

Elissa Doroff covered the following in her session:
  • Background of the always-evolving cyber insurance industry. Once deemed an organizational “nice to have”, finds itself in a pivotal point that may change the insured’s coverage decision forever.
  • A walkthrough of the top 10 cybersecurity compliance standards, and a deep dive into why they are important, and what they mean.
  • What happens once you become insured. Including best practices to work with your insurance company, how cyber insurance works, a look into filing a claim, and a broker’s perspective on breach response.

Kurtis Minder followed Elissa and presented "Real Life Perspectives from a Ransomware Negotiator". No one ever expects it to happen to them, but with ransomware and cybercrime on the rise, it’s more likely than ever to discover that ransomware has locked down your system and cybercriminals are holding your data hostage. 

"2020 Healthcare attacks involved the theft or exposure of the protected health information of at least 18,069,012 patients," HIPPA Journal.

Kurtis Minder covered the following in his session:
  • What most people don’t realize about ransomware and the cybercriminals that run these exploits
  • Immediate do’s and don’ts if your systems are being held captive
  • How to limit potential damage like data loss, overpaying threat actors, tarnished brand reputation, and compliance violations
  • Notable stories from the field
Below are some interesting healthcare specific stats/issues from Kurtis's session:
  • Connected IoMT: There are 430 million connected medical devices worldwide. The number rises every day, creating an expanded attack surface.
  • Mergers and Acquisitions (M&A): It is not uncommon for healthcare organizations to have many mergers and acquisitions. An organization might be more vulnerable if the acquired organization doesn’t have up-to-date records of all its assets.
  • 2020 Healthcare Ransomware: More than a third of healthcare organizations were hit by a ransomware attack in 2020 and of those, 65% said the cybercriminals were successful in encrypting their data.
  • Unpatched Systems: Many health care institutions use unpatched or outdated hardware devices and software, which are prone to ransomware attacks.

Mac McMillan, President & CEO at CynergisTek closed out the event by highlighting the crucial need for organizations to shift towards cybersecurity resilience, and away from a compliance/preparation-only mindset. Mac discussed key findings from Elissa and Kurtis’s sessions and tied it all together.

Download Tips to Better Protect Your Data >

About Kurtis Minder:

Kurtis Minder is the CEO and co-founder of GroupSense, a leading provider in Digital Risk solutions. Kurtis built a robust cyber reconnaissance operation protecting some of the largest enterprises and government organizations. Kurtis has been the lead negotiator at GroupSense for ransomware response cases. He has successfully navigated and negotiated some of the largest ransomware, breach, and data extortion cases world-wide. With over 20 years in the information security industry, Kurtis brings a unique blend of technical, sales and executive acumen.

Topics: News Webinar Ransomware Events

The Rise of the Geopolitical Hack

By Editorial Team on Dec 10, 2021 9:39:28 AM

The residue of ransomware is infiltrating our psychology and pocketbooks. Is politics next?

Earlier this year, GroupSense spoke to Erika Hellerstein, Senior Reporter at Coda, about connecting links between disinformation and ransomware, as well as GroupSense's backstory on how they became ransomware negotiators.

Topics: News

Activist Movements Drive Misinformation Mayhem

By Editorial Team on Dec 3, 2021 10:50:27 AM

Bryce Webster-Jacobsen, Director of Intelligence Operations at digital risk protection / ransomware negotiators GroupSense, was a featured in Axios' article "Activist Movements Drive Misinformation Mayhem. Bryce spoke to Sara Fischer about anti-vaccination conspiracy theories and how they are becoming dangerous spreaders of misinformation.

Topics: News

CynergisTek's Ransomware Bootcamp

By Editorial Team on Dec 1, 2021 12:00:00 PM

Cyber Resilience is like muscle – training helps you achieve more. In this Ransomware Bootcamp seminar, you will learn about the changes to cyber insurance and how to prepare for them, an inside perspective from a ransomware negotiator, and steps on how to train your resilience muscle to strengthen your defensive and offensive strategies. 

Topics: News Webinar Ransomware Events

As the cyber insurance bubble begins to burst, the market scrambles for a new approach

By Editorial Team on Nov 24, 2021 3:47:22 PM

Bryce Webster-Jacobsen, Director of Intelligence Operations at digital risk protection / ransomware negotiators GroupSense, was a featured on SC Media. Bryce spoke to Joe Uchill about the cyber insurance bubble bursting and how organizations need to take a different approach.

Topics: News

SafetyDetectives - Digital Risk Protection Q&A with Kurtis Minder

By Editorial Team on Nov 19, 2021 5:05:52 PM

Earlier this week, Kurtis Minder, GroupSense CEO & Co-founder, was interviewed by Aviva Zacks, Cybersecurity Expert and Writer at SafetyDectives. During the interview they discussed GroupSense's backstory, how GroupSense serves their clients, what makes GroupSense so unique, and the worst cyberthreat out there today. Below are a few highlights from the interview.

Topics: News

GroupSense Presents at BSidesDFW

By Editorial Team on Nov 3, 2021 1:53:41 PM

Join Nicole Hoffman, GroupSense Intelligence Analyst, on Saturday, November 6th (12PM CT) at BSidesDFW! Nicole is presenting The Cognitive Stairways of Analysis.

Topics: Events

A Mysterious Network of Twitter Bots Promote Alleged NRA Hack

By External Author on Nov 2, 2021 12:00:00 PM

When a mysterious Russian hacking gang announced last week that it had assaulted the National Rifle Association with a ransomware attack, the NRA was quiet on whether the claim was true. But a network of hundreds of Twitter trolls were far from mute—they lapped up the news and went to town amplifying it across Twitter.

Topics: News Ransomware

As demo’d with NRA, ‘information operations’ may be new way to give ransomware victims Grief

By External Author on Nov 1, 2021 11:30:00 AM

After the notorious Grief ransomware group added the National Rifle Association to its public list of victims, messages of the breach was reportedly amplified by a network of fake Twitter accounts. While it's still unclear if the network is connected to Grief, experts worry it could mark the beginning of information campaigns being added to the ransomware arsenal.

Topics: News Ransomware

4th Cybersecurity Conference: How to Negotiate with Ransomware Hackers

By Editorial Team on Oct 28, 2021 3:30:00 PM

On Thursday, October 28th, GroupSense's CEO, Kurtis Minder, spoke at Convent's 4th Annual Cybersecurity Conference. Kurtis spoke to Andreas Horchler, Founder & Managing Partner of, about his experiences as a Ransomware Negotiator and how to negotiate with ransomware hackers.

Topics: News Video Webinar Ransomware Events

GroupSense Spoke About Ransomware Prevention at The Fairfax County's Department of Information Technology Event

By Editorial Team on Oct 28, 2021 2:32:52 PM

On Friday, October 15th, GroupSense's CEO, Kurtis Minder, spoke at The Fairfax County's Department of Information Technology event for Cyber Security Awareness Month. Kurtis spoke about reducing ransomware — from prevention through recovery.

Topics: Events

Cybercrime Magazine Podcast: Ransomware Negotiation

By Editorial Team on Oct 27, 2021 10:00:00 AM

Cybercrime Radio, host Hillarie McClure spoke with Kurtis Minder, a ransomware negotiator and CEO of GroupSense, a leading provider in Cyber Reconnaissance.

Topics: News Ransomware

SC Media Ransomware Kill Chain Feature

By Editorial Team on Oct 22, 2021 12:00:00 PM

Ransomware needs its own kill chain framework

GroupSense's Intelligence Analyst, Nicole Hoffman, is featured in SC Media. Nicole explains the evolution of the Cyber Kill Chain developed by Lockheed Martin and argues that the industry needs a kill chain specifically for ransomware.

Topics: News Blog Ransomware

Cover Story: The dark web rises

By External Author on Oct 18, 2021 10:15:00 AM

The dark web is often seen as a virtual back alley — a shady place where underground deals are made and criminal gangs plot their next heist. While most law-abiding citizens tend to steer clear of the dark web, the growing number of ransomware attacks and cybercriminal cases has made it far too dangerous to ignore. 

Topics: News Ransomware

The Ransomware Pandemic that COVID Started

By Kurtis Minder on Oct 15, 2021 9:45:00 AM

By Kurtis Minder, CEO, GroupSense

Topics: News Blog Ransomware

Couple use peanut butter sandwich to trade nuclear secrets for crypto

By External Author on Oct 12, 2021 9:30:00 AM

A husband and wife espionage team could face up to 10 years in prison after investigators discovered their alleged attempts to hide — and sell — top-secret military information in ordinary items such as a peanut butter sandwich and a stick of chewing gum.

Topics: News Ransomware

WIRED Security Virtual Event: Top Priorities to Protect the Future of Business

By External Author on Oct 12, 2021 9:15:00 AM

WIRED Security will explore current issues and top priorities for security experts to protect the digital and physical future of business. The event gathers the innovators, disruptors and leaders in security for a day of eye-opening and inspirational stories, case studies and workshops that cover new cybersecurity threats, deal with disruptive technologies and build resilience in a world that’s constantly changing.

Topics: News Webinar Ransomware Events

Hello Show by Orange Silicon Valley- October 5 to 7, 2021

By External Author on Oct 5, 2021 9:30:00 AM

9:15 a.m. (PDT) — No More Yelling in the Boardroom: How Companies Misunderstood Ransomware Response — Talk by Kurtis Minder, CEO, GroupSense, and moderated Q&A with Alex Chitea, Principal, Technology Group, Orange Silicon Valley

Topics: News Video Webinar Ransomware Events

Congress Questions FBI’s Tight-Lipped Ransomware Tactics

By External Author on Sep 25, 2021 10:45:00 AM

More weight should be placed on consideration of the victims whose business has been ground to a halt in the aftermath of ransomware attacks, according to Kurtis Minder, CEO and co-founder of security firm GroupSense, which helps ransomware victims negotiate with cybercriminals if they can’t obtain a decryption key otherwise.

Topics: News Ransomware

Best tips for negotiating with hackers

By External Author on Sep 23, 2021 9:30:00 AM

Kurtis Minder, CEO of the American cyber security company GroupSense, has been busy acting as a ransom negotiator in ransomware cases. It started with a client who needed help, and then as the number of cases increased, he refined his ability to negotiate with the criminal gangs on the other side.

Topics: News Blog Ransomware

Webinar: Technology Risks & Rewards- 2021 and Beyond

By External Author on Sep 20, 2021 10:00:00 AM

Join Kaufman Rossin CEOLink with our partner GrayRobinson for a one-hour session, Technology Risks & Rewards: 2021 and Beyond, moderated by WLRN's Tom Hudson, host of The Sunshine Economy.

Topics: News Video Webinar Ransomware Events

The Baltimore Sun: Kurtis Minder Ransomware Negotiator

By Editorial Team on Sep 20, 2021 9:30:00 AM

“What bothers me most is how preventable this all is.”

Kurtis Minder, CEO of GroupSense, provided commentary to The Baltimore Sun yesterday about “vaccinating” a company against ransomware. “What bothers me most is how preventable this all is. In fact, like current COVID-19 deaths, it’s at least 99.2% preventable. “Vaccinating” a company against ransomware isn’t expensive or technically daunting — yet companies fail at simple cyber hygiene and put their businesses, our critical infrastructure, and sometimes even people’s lives, at risk,” says Kurtis Minder.

Below are a few highlights from Kurtis’ op-ed.

Topics: News Blog Ransomware

FNC Smart Talks with a Ransomware Negotiator

By External Author on Sep 14, 2021 9:30:00 AM

In this interview Rodrigo Andrade receives Kurtis Minder, CEO of GroupSense and Ransomware Negotiator. They talk about what to do in case of attacks, who are the main targets and how to prevent and stay safe from these crimes.

Topics: News Video Ransomware

Pretend Podcast: The Ransomware Negotiator

By External Author on Sep 14, 2021 9:30:00 AM

Ransomware. Does that term ring a bell? Even if you've never heard those words before, trust me, most of us have experienced Ransomware one way or another. If you live on the East Coast, you remember waiting long hours at the gas pump this past May. That's because a hacking group known as DarkSide hacked the Colonial Pipeline. The hackers demanded a ransom for 75 bitcoins which is equivalent to $4.4 million. How did the hackers break into the oil company's system? Easy. Some employees used the same password they used on another account that was previously hacked. And guess what? Colonial Pipeline paid the ransom and the hackers. $4.4. million dollars—gone, just like that.

Topics: News Ransomware Podcast

How Can I Reduce the Chances of My Company Getting Hit by Ransomware?

By Kurtis Minder on Sep 10, 2021 9:15:00 AM

Question: How can I reduce the chances of my company getting hit by ransomware? Where do I start?

Topics: News Blog Ransomware

Podcast: What Ragnar Locker Got Wrong About Ransomware Negotiators

By External Author on Sep 9, 2021 9:30:00 AM

The Ragnar Locker ransomware gang put its victims on notice: If victims call investigators, the FBI or ransomware negotiators for help the punishment will be publishing encrypted files.

Bryce Webster-Jacobsen, Director of Intelligence Operations at digital risk protection / ransomware negotiators GroupSense, was a featured guest on Threatpost’s podcast this week. Bryce spoke to Lisa Vaas about what Ragnar Locker got wrong about ransomware negotiators. Below are a few highlights from the conversation.

Topics: News Ransomware Podcast

The Art of Ransomware Negotiation

By External Author on Sep 7, 2021 9:30:00 AM

Kurtis Minder shielded his laptop screen from prying eyes in the airline seats around him.

Topics: News Ransomware

Webinar: Ransomware Negotiator - Ask Me Anything

By Editorial Team on Sep 6, 2021 11:08:00 AM

Ransomware attacks have increased significantly over the past year. There were 93% more ransomware attacks carried out in the first half of 2021 than the same period last year.

Topics: News Blog Webinar Ransomware Events

What can we learn from the Poly Network cryptocurrency heist?

By External Author on Aug 24, 2021 9:30:00 AM

On Monday, cryptocurrency finance firm the Poly Network ended its strange journey with a hacker or hackers who stole $611 million, when the remaining funds were returned. It was a sequence of events so baffling, it will leave many people to wonder if common-sense rules for negotiations still apply.

Topics: News Ransomware

To Prevent Ransomware Attacks, We Must Look Inward

By Kurtis Minder on Aug 24, 2021 9:30:00 AM

By Kurtis Minder, co-founder and CEO of GroupSense

A year and a half ago, I was pulled into a ransomware negotiation as a lead negotiator. My company has been negotiating with threat actors on the underbelly of the internet for years, so we were uniquely suited to assist. Following that case, more cases came that varied in size and complexity. 

Topics: Blog Ransomware

Inside the Secret Codes Hackers Use to Outwit Ransomware Cops

By External Author on Aug 20, 2021 9:30:00 AM

They used to be a safe space for hackers to coordinate attacks, but with online forums worried about unwanted attention from law enforcement, many have banned ransomware posts. And—as is usually the case in the whack-a-mole game of hacking—cybercriminals are finding a way around the new restrictions: a coded language to bypass suspicion.

Topics: News Ransomware

Webcast: Ransomware Negotiator - Ask Me Anything with Kurtis Minder

By External Author on Aug 18, 2021 9:15:00 AM

According to a former senior White House official, 2020 was the year that ransomware went from being a nuisance to a full-scale national security threat and a “scourge.” The frequency of ransomware attacks has increased dramatically over the past year, with 93% more carried out in the first half of 2021 than the same period last year. Ransom payments topped over $400 million last year and is on pace for another record breaking year in 2021. Although those payments may seem jaw-dropping its nothing compared to the damage that a ransomware attack can cause on enterprises and critical infrastructure such as the attack on Colonial Pipeline.

Topics: News Video Webinar Ransomware

Podcast: Black Hat 2021... What Did We Learn?

By External Author on Aug 13, 2021 9:15:00 AM

On today’s No Name Security Podcast, Matt Stephenson welcomes 3 people doing very cool things in a very cool industry… and… they happen to be to very cool people. Kurtis Minder is the co-founder and CEO at GroupSense, Tom Pace is the co-founder and CEO at NetRise and Scott Scheferman is the Chief Strategist at Eclypsium. They are each legendary incident response types who were at Black Hat for a multitude of reasons. Why were they there…? Stick around and find out!

Topics: News Ransomware Podcast

Cover Story: Holding Data Hostage

By External Author on Aug 9, 2021 9:00:00 AM

Ransomware is a present-day digital plague — cold, methodical and indifferent. Spreading from source to source, it can lie dormant within networks for years, biding its time before striking.

Topics: News Ransomware

A Disgruntled Threat Actor Provides a Behind-the-Scenes Look at a Ransomware Group’s Playbook

By Editorial Team on Aug 6, 2021 2:09:02 PM


On 5 August 2021, a seemingly disgruntled Russian-speaking threat actor claiming to work as an affiliate for the popular ransomware group Conti leaked on the underground forum XSS a 113 MB archive of training materials and tools allegedly used by Conti to conduct its ransomware attacks (Figure 1). 

Topics: Blog Ransomware

Ransomware's Big Year - from nuisance to 'scourge'? - DEF CON Policy Panel

By External Author on Aug 5, 2021 5:33:04 PM

When: August 6th, 1:00 pm to 2:00 pm PST

Where: DEF CON main stage panel

According to a former senior White House official, 2020 was the year that ransomware went from being a nuisance to a full-scale national security threat and a “scourge.” After an awkward adolescence spent shaking down individual users for a couple hundred dollars and a big debut in 2017 with WannaCry and NotPetya , ransomware really hit the big time in 2020.

Topics: News Ransomware Panel

Livestream: Ransomware Preparedness Programs

By External Author on Aug 3, 2021 12:15:00 PM

Kurtis Minder joined Security Guy TV for a discussion on ransomware negotiation and ransomware preparedness programs.

Topics: News Video Ransomware

Podcast: Bryce Webster-Jacobsen on negotiating with ransomware hackers

By External Author on Jul 31, 2021 9:00:00 AM

Ransomware attacks are not a new phenomenon, but they have increased exponentially since the beginning of the pandemic. Cybersecurity experts attribute the surge, in part, to the shift to people working from home and away from the safe perimeters of corporate networks.

Topics: News Ransomware Podcast

BlackMatter & Haron: Evil Ransomware Newborns or Rebirths

By External Author on Jul 28, 2021 2:30:00 PM

So much for darkened servers at the headquarters of DarkSide or REvil ransomware groups. Turns out, we’ve got either their rebranded versions or two new ransomware gangs  to contend with.

Topics: News Ransomware

GroupSense and Airgap Partnership Helps Companies Prepare for and Defend Against Ransomware Attacks

By Editorial Team on Jul 28, 2021 10:00:00 AM

Arlington, Va. and Santa Clara, Calif. – July 28, 2021GroupSense, a digital risk protection services company, and Airgap, a cybersecurity provider of the industry’s first agentless Ransomware Kill Switch™, today announced a partnership to help customers prepare for and defend against ransomware attacks. By combining GroupSense’s Ransomware Response Readiness Subscription (R3S) service offering with Airgap’s Ransomware Kill Switch™ annual SaaS subscription, customers can microsegment their networks to automatically prevent the spread of ransomware during the incident mitigation lifecycle, and also have a comprehensive and tested ransomware “playbook” for mitigating the damage caused by these attacks.

Topics: News Press Releases Ransomware

Many ransomware attacks go unreported. The FBI and Congress want to change that.

By External Author on Jul 27, 2021 7:30:00 PM

Congress, urged on by the nation’s top law enforcement agencies, is pushing to require companies to report ransomware attacks in an effort to help the government understand the scope of the threat.

At a Senate Judiciary Committee hearing on Tuesday, representatives of the Justice Department, FBI, Secret Service and the Cybersecurity and Infrastructure Security Agency all said Congress should consider passing a bill forcing companies that have been hit by a cyberattack to tell the government.

Topics: News Ransomware

How crypto is supercharging ransomware attacks

By External Author on Jul 26, 2021 8:00:00 AM

Cryptocurrencies like Bitcoin are becoming the preferred payment method in ransomware attacks, in which computer data is held hostage by malicious software. But crypto's anonymity means cybercriminals are becoming even harder to trace and prosecute.

Topics: News Video Ransomware

Software company’s unveiling of decryption key comes too late for many victims of devastating ransomware attack

By External Author on Jul 23, 2021 6:00:00 PM

On Thursday, the software company Kaseya announced that it could help unlock any of its customers’ systems that were still inaccessible following a devastating ransomware attack early this month that took down as many as 1,500 businesses worldwide. But for many victims it was too little, too late.

Topics: News Ransomware

Kaseya Gets Tool to Unlock Data After Ransomware Attack

By External Author on Jul 23, 2021 8:15:00 AM

The technology provider at the center of a ransomware attack this month said it obtained a tool to unlock data targeted by hackers in an incident that disrupted hundreds of firms in several countries.

Topics: News Ransomware

Podcast: Kurtis Minder, Ransomware Negotiator and CEO of Group Sense | What To Do When Your Data’s Being Held Ransom - Episode 27

By External Author on Jul 22, 2021 9:00:00 AM

Kurtis Minder joins Dominique Shelton Leipzig and David Biderman on the Decrypted Unscripted podcast to discuss how GroupSense’s team of cyberspies knows how to find where the bad guys are operating and work with clients to protect their data. He describes in detail how he became the “go-to” ransomware negotiator in the country. He also explains the dark web and how it helps criminals steal information and shares why his team has seen a steady increase in threat actors accessing data remotely over the last 12 months.

Topics: News Ransomware Podcast

Chat logs show how Egregor, an $80 million ransomware gang, handled negotiations with little mercy

By External Author on Jul 21, 2021 9:00:00 AM

In a series of ransomware payment negotiations last December, operatives from a gang known as “Egregor” alternated from treating their victims with surprising civility, and behaving like cartoonish movie villains.

Topics: News Ransomware

Podcast: What’s Next for REvil’s Victims?

By External Author on Jul 19, 2021 7:15:00 PM

Last week, the servers of ransomware giant REvil vanished.

Topics: News Ransomware Podcast

Podcast: Ransomware - a very 21st century crime

By External Author on Jul 18, 2021 8:45:00 AM

The rush to go digital during Covid-19 has coincided with a marked rise in ransomware attacks.

Topics: News Ransomware Podcast

Podcast: Threat actors changing ransomware tactics

By External Author on Jul 15, 2021 10:00:00 AM

Guest Kurtis Minder from GroupSense joins Dave to discuss divergent ransomware trends, the guys have a listener reminder about it being CompTIA, Joe, Dave has a story about a coupon scam in the Houston area, Joe's story is about a real estate rental scam and a scammer who likes to talk about his work, and our Catch of the Day is from a listener named Craig with an email about an unprofessional colleague and a questionable attachment.

Topics: News Ransomware Podcast

REvil gang suddenly goes silent leaving victims unable to recover systems

By External Author on Jul 14, 2021 8:45:00 AM

The dark web sites operated by the notorious REvil ransomware group suddenly went offline on Tuesday, prompting speculation that the US or Russian governments stepped in. Meanwhile, victims and the security companies working for them to recover data have been put in a more difficult situation.

Topics: News Ransomware

Ransomware gang REvil's websites become unreachable

By External Author on Jul 13, 2021 4:15:00 PM

WASHINGTON, July 13 (Reuters) - Websites run by the ransomware gang REvil suddenly became unreachable on Tuesday, sparking widespread speculation that the group had been knocked offline.

Topics: News Ransomware

Hacking group behind widespread ransomware attacks disappears online

By External Author on Jul 13, 2021 3:45:00 PM

A cybercriminal group that took responsibility for a massive ransomware attack that affected hundreds of businesses this month has disappeared from sight online.

Topics: News Ransomware

Russia’s most aggressive ransomware group disappeared. It’s unclear who disabled them.

By External Author on Jul 13, 2021 1:30:00 PM

Just days after President Biden called President Vladimir V. Putin of Russia and demanded that he act to shut down ransomware groups that are attacking American targets, the biggest of them has gone off-line. The mystery is who made that happen.

Topics: News Ransomware

Waikato DHB could 'use some help' with ransomware clean up

By External Author on Jul 10, 2021 10:00:00 AM

Kurtis Minder is the chief executive of GroupSense, a US-based company that deals in the prevention of and response to ransomware and other cyber attacks.

Topics: News Video Ransomware

The anatomy of a ransomware attack

By External Author on Jul 9, 2021 10:00:00 AM

Just hours before the Fourth of July weekend, a huge, coordinated cyberattack hit hundreds of businesses across the world. A group of hackers broke in by exploiting a hole in the software code of an information technology company with a wide-ranging client base, then demanded $70 million in ransom.

Topics: News Ransomware

Ransomware Negotiations Spark New Business For Cybersecurity Companies

By External Author on Jul 8, 2021 11:00:00 AM

The rise of ransomware attacks directed at U.S. companies is creating demand for a new service from cybersecurity companies: ransomware negotiations. 

Topics: News Video Ransomware

Ransomware group demands $70 million for Kaseya attack

By External Author on Jul 5, 2021 9:45:00 AM

The ransomware group REvil has demanded a $70 million payment in Bitcoin for a decryptor tool following its attack on the software vendor Kaseya, cyber researchers say.

Topics: News Ransomware

Why has data stolen in the HSE cyberattack not yet appeared online?

By External Author on Jul 3, 2021 9:30:00 AM

Topics: News Ransomware

Kaseya Ransomware Incident

By Editorial Team on Jul 2, 2021 5:43:58 PM

GroupSense analysts became aware of a wide-spread attack leveraging Kaseya’s Vector Signal Analysis (VSA) platform, commonly in use by Managed Service Providers.


Topics: Blog Ransomware

Negotiating with ransomware criminals creates new business for security professionals

By External Author on Jun 29, 2021 12:00:00 PM

A growing swarm of ransomware attacks has created a cottage industry of tech whizzes willing to do what companies and law enforcement won’t: negotiate with the cybercriminals taking systems and data hostage.

Topics: News Ransomware

Could curtailing cryptocurrency calm cyber crime wave?

By External Author on Jun 28, 2021 2:30:00 PM

Besides outright banning ransom payments, one of the most widely circulated policy ideas to curtail ransomware would be to treat cryptocurrencies as a bonafide component of the financial system: require cryptocurrency exchanges or the cryptocurrencies themselves to abide by regulations that reduce anonymity and prevent money laundering.

Topics: News Ransomware

Podcast: Kurtis Minder - The Seven Dirty Words of Cybersecurity

By External Author on Jun 22, 2021 12:00:00 PM

If you have been reading about or watching news shows discussing ransomware, more than likely, you have seen Kurtis Minder. He has been nearly omnipresent across multiple platforms because his team at Groupsense has been putting in the work to help the victims of ransomware attacks negotiate with attackers in order to get their data back.

Topics: News Ransomware Podcast

Monero emerges as crypto of choice for cybercriminals

By External Author on Jun 22, 2021 9:00:00 AM

For cybercriminals looking to launder illicit gains, bitcoin has long been the payment method of choice. But another cryptocurrency is coming to the fore, promising to help make dirty money disappear without a trace.

Topics: News Ransomware

Can the ransomware threat be stopped?

By External Author on Jun 17, 2021 2:00:00 PM

Ransomware attacks have become one of the biggest threats in cybersecurity today. Cybercriminals have blocked access to a major US oil pipeline, shut down hospitals in Ireland and halted operations in the world's largest meat processing company.

Topics: News Video Ransomware

Why backups are not the panacea for recovery from a ransomware attack

By External Author on Jun 17, 2021 9:15:00 AM

The most pervasive wisdom about preventing damage from ransomware is to backup systems. FujiFilm and Colonial Pipeline in fact, restored from back-ups. So in an era of increased concern about ransomware, is solving the ransomware scourge as simple as investing in some backups?

Topics: News Ransomware

Podcast: Ransomware Threats in Illinois

By External Author on Jun 15, 2021 12:30:00 PM

In the past year, several Illinois organizations have been compromised by ransomware groups, which often demand payment in cryptocurrency under threat of compromising services or leaking sensitive data.

Topics: News Ransomware Podcast

One of ransomware's top negotiators would rather you not have to hire him

By External Author on Jun 14, 2021 3:00:00 PM

Kurtis Minder, CEO of threat intelligence firm GroupSense, received a lot of press as a top negotiator in ransomware cases. But he’d rather you not hire him or his peers to negotiate. Instead, he says, he’d much rather you stop the ransomware attack before you’d ever need to call him in.

Topics: News Ransomware

Podcast: The World Tonight ransomware discussion with Kurtis Minder

By External Author on Jun 11, 2021 10:00:00 AM

Kurtis Minder speaks to Razia Iqbal of BBC News on what happens when a ransomware attack occurs and if they can be prevented. In his discussion he explains the basic steps he takes when starting a ransomware negotiation and his experiences throughout the process. 

Topics: News Ransomware Podcast

Secrets of a ransomware negotiator

By External Author on Jun 10, 2021 8:45:00 AM

Kurtis Minder told CNN when discussing ransomware negotiation: "Part of this whole process is also about being a counselor and helping them (the victim) remain objective during this unfortunate event." 

Topics: News Video Ransomware

The business of negotiating with ransomware hackers

By External Author on Jun 9, 2021 12:00:00 PM

Recent ransomware attacks have shown just how vulnerable any business can be to hackers. The growing threat has forced some companies to negotiate with hackers, and has created a whole new business to help corporations navigate the process. Kurtis Minder, a ransomware negotiator and the founder and CEO of GroupSense, joined CBSN to discuss.

Topics: News Video Ransomware

GroupSense and CipherTrace Partner to Reduce Cyrptocurrency Cybercrime

By Editorial Team on Jun 9, 2021 8:45:00 AM

Arlington, Va. – June 08, 2021GroupSense, a digital risk protection services company, and leading crypotcurrency intelligence company CipherTrace, accounce combining their threat intelligence offerings for enterprise clients who are victims of ransomware attacks.

Topics: News Press Releases

Can Investors Find Opportunity in the Cybersecurity Industry? A Look at the Trends and Risks

By External Author on Jun 8, 2021 10:15:00 AM

News of cyberattacks and data breaches are almost becoming commonplace, but particularly stunning attacks still make headlines, such as the Colonial Pipeline disruption and the SolarWinds attack.

Topics: News Ransomware

Podcast: The booming ransomware business

By External Author on Jun 8, 2021 9:00:00 AM

Hackers are making millions from ransomware attacks. What can be done to stop them? Ed Butler speaks to professional ransomware negotiator Kurtis Minder, about the increasing professionalisation of the ransomware business. Kimberly Grauer, head of research at Chainalysis explains why following the bitcoin trail may be the best way of bringing ransomware gangs to justice and Vishaal Hariprasad, boss of cyber insurance company Resilience, tells us why the ransomware threat means there needs to be a stepchange in how companies view cyber security.

Topics: News Ransomware Podcast

Webinar: Cyber Ransom Negotiation

By External Author on Jun 7, 2021 9:00:00 AM

Ransomware is not just a problem for large enterprises and utility companies, it is impacting thousands of small and medium businesses in all sectors. Kurtis Minder, founder of digital risk protection services company GroupSense, has led the response, mitigation, and negotiations of ransomware incidents world-wide. He will share how these attacks occur, who are the perpetrators, how to minimize the chances of being a victim, and what to do if you are.

Topics: Webinar Ransomware

Podcast: The Current- Examining the threat of ransomware attacks

By External Author on Jun 7, 2021 8:45:00 AM

The U.S. government says it's taking ransomware attacks as seriously as terrorism after meat plants and a major U.S. pipeline network were temporarily shuttered by hackers. But will that make it any easier to catch the perpetrators? Joe Uchill, a senior reporter with online cybersecurity publication SC Media, brings us the view from Washington. We also speak with Kurtis Minder, founder and CEO of GroupSense, which helps organizations defend against cyber threats; and David Shipley, co-founder and CEO of Fredericton-based cybersecurity startup Beauceron Security.

Topics: News Ransomware Podcast

Bloomberg Quicktake "Take the Lead" with Kurtis Minder

By External Author on Jun 4, 2021 9:30:00 AM

Kurtis Minder#GroupSense CEO, speaks to Bloomberg about ransomware and ransomware negotiations  at 41:52. 

Topics: News Video Ransomware

A cybersecurity expert takes us inside a ransomware attack on a 70-employee company

By External Author on Jun 2, 2021 11:00:00 AM

At GroupSense, there’s such a demand for ransomware remediation services they’ve added a hotline that’s featured prominently on the frontpage of their website. No one escapes this form of cyberthreat, Minder told Insider.

Topics: News Ransomware

Meet the ransomware negotiators you hope you'll never need

By External Author on Jun 1, 2021 9:30:00 AM

Kurtis Minder has some advice about how to negotiate with criminals who extort millions of dollars by crippling companies’ computer systems and stealing their data: Don’t call them “bad guys.”

Topics: News Ransomware

How to Negotiate with Ransomware Hackers

By External Author on May 31, 2021 8:00:00 AM

A few days after Thanksgiving last year, Kurtis Minder got a message from a man whose small construction-engineering firm in upstate New York had been hacked. Minder and his security company, GroupSense, got calls and e-mails like this all the time now, many of them tinged with panic. An employee at a brewery, or a printshop, or a Web-design company would show up for work one morning and find all the computer files locked and a ransom note demanding a cryptocurrency payment to release them.

Topics: News Ransomware

A Day in the Life of... [Cyber Security Professionals]

By External Author on May 25, 2021 8:45:00 AM

Join us on Wednesday, May 26th as we talk with cyber professionals across different functions within the cybersecurity space. Each individual brings a unique perspective and insight into what their daily lives entail.

Topics: Video Webinar

Podcast: Ransomware Negotiators Step In When Companies Are Hacked

By External Author on May 25, 2021 8:45:00 AM

Ransomware attacks that lock up a victim's systems have become more common. So have people who negotiate with the hackers on behalf of the victims. Kurtis Minder, co-founder of the cyber reconnaissance startup GroupSense, discusses what those negotiations are like, and cybersecurity reporter David Uberti discusses how this approach is viewed within the cyber community. Christopher Zinsli hosts...

Topics: News Ransomware Podcast

Ransomware Boom Forces More Companies to Cut Deals With Criminals

By External Author on May 20, 2021 8:45:00 AM

Kurtis Minder got into the ransomware negotiation business by accident early last year.

Topics: News Ransomware

Brace for ransomware attacks, Midsize Pharma

By External Author on May 19, 2021 9:00:00 AM

“Industrywide, there is a lack of attention to some of the common things that cause breaches and open companies up to ransomware,” Maley says. “We’re becoming immune to these types of things, as they happen more frequently. We’re seeing the same things across sectors. It’s a lack of attention to the basics.”

Topics: News Ransomware

GroupSense Unveils Ransomware Response Readiness Assessment

By Editorial Team on May 19, 2021 8:45:00 AM

Since the publishing of this blog post, GroupSense has rebranded the R3A into the Ransomware Response Readiness Subscription (R3S). You can find more information on the R3S service here.


ARLINGTON, Va., May 19, 2021 /PRNewswire/ -- GroupSense, a digital risk protection services company, today announced its Ransomware Response Readiness Assessment (R3A) service offering.

GroupSense's threat intelligence team, including experts who have extensive experience remediating ransomware attacks, will provide three core functions as part of this new service: a readiness assessment, to identify gaps in ransomware response capabilities; a response playbook, to provide a step-by-step action plan should an attack occur; and a tabletop exercise, to test and validate the playbook.

Topics: News Press Releases

Webcast: Ransomware in the Remote Work Era

By External Author on May 10, 2021 4:30:00 PM

Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
- The rise in ransomware under the cloak of the pandemic
- Why email continues to be the channel of choice
- The difference between fully automated and human-operated campaigns
- How to decide whether or not to pay or not to pay the ransom
- Why your backups may not be immune to ransomware
- Addressing the threat with best practices

- Nicole Hoffman, Intelligence Analyst, GroupSense
- Courtney Radke, CISO for National Retail, Fortinet
- Patrick Lee, Senior Incident Response Consultant, Rapid7

Topics: Blog Video Webinar Ransomware

SIM Swapping: What Is It and How to Protect Yourself From It

By Editorial Team on Apr 27, 2021 12:15:57 PM


Recently, a hacker known as PeteRepete leaked over 533 million Facebook users’ personal information online. There were no passwords in the database, but it did contain full names, phone numbers, email addresses, employer information, and a few other pieces of information from Facebook users’ profiles. GroupSense confirmed only a small portion of the records contained email addresses, but almost all of the records contained a phone number. 

Topics: Blog

Cyber insurance companies need to focus more on risk profiles - and less on security ratings scores

By External Author on Apr 23, 2021 8:30:00 AM

Security ratings services have become a popular way for companies to assess their own cybersecurity posture, as well as that of their partners. And, while they are useful for establishing a data baseline of competence, they are often relied on as something more than that. For example, they’re used in boardrooms as “eye candy” to portray the state of company cyber-risk, with supply chain partners to manage third-party risk and, even more frightening, by insurance companies to create risk profiles for cyber-insurance policies.

Topics: News Blog

Punishing the victim won't stop ransomware

By External Author on Apr 8, 2021 8:45:00 AM

Imagine, for a moment, that you own a small business -- say, a regional dairy farm producing milk, ice cream, yogurt, and other products. And, like so many companies in the food manufacturing sector, you get hit by ransomware. You can’t access any of the data you need to run your business -- so you don’t know which products to ship, where to ship them, what prices you’ve negotiated, who’s paid and who hasn’t… everything is locked up. And, the clock is ticking -- you can’t tolerate extended downtime or products will spoil and customers will defect to other vendors.

Topics: News Ransomware

Ransomware negotiations: An inside look at the process

By External Author on Mar 29, 2021 8:45:00 AM

As ransomware attacks continue to surge across the globe, the demand for negotiation services has also increased -- and been hard to fill.

Topics: News Blog Ransomware

Big Game Hunting: CARBON SPIDER and SPRITE SPIDER Target ESXI Servers

By External Author on Mar 16, 2021 8:45:00 AM

Big Game Hunting, the targeted large-scale ransomware campaign, is now regarded as the primary cyber threat to organizations across all sectors including financial, healthcare, and government in 2021. Leaking stolen data in an effort to pressure victims into paying is part of a broader trend across the BGH ecosystem. In the recent headlines, the ransomware operators go beyond the traditional dominance of Windows operating systems and now target VMware ESXi hypervisor. In this Ransomware Battleground, let’s look at how SPRITE SPIDER(Defray777 Ransomware) and CARBON SPIDER (Parkside Ransomware) operate in volume tactics. How do Cybercrime actors now back to use Linux variants of ransomware configured specifically to affect ESXi hosts?

In this talk, we will cover:
- What are Big Game Hunting tactics? And what did ransomware operator behavior change during Covid-19? (from POS to ESXi)
- How do you defend encrypting virtual infrastructure in your corporate network? Credential harvesting and payload ingesting?
- Why is Agentless Zero Trust Isolation and Ransomware Kill Switch the answer to stop Hypervisor "Jackpotting"?

Topics: Video Webinar Ransomware

Dropbox Security Concerns

By Editorial Team on Mar 9, 2021 9:00:00 AM


Users quickly adopted the cloud storage tool Dropbox at the start of the COVID-19 pandemic to alleviate file sharing issues and facilitate group work. Updates to Dropbox Spaces, a project management tool, reflect this shift, easing communications for remote work.1 The file-sharing company seeks to enhance collaboration and information-sharing within a distributed workforce, both now and in the future.

Topics: Blog

5 minutes with Bryce Webster-Jacobsen - What the new CMMC Framework means for defense contractors

By External Author on Mar 8, 2021 8:45:00 AM

Threat actors have successfully targeted defense contractors over the years because they haven’t fully secured their networks, thus creating serious vulnerabilities in U.S. national security. To combat this challenge, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) framework was born.

Topics: News

FedHeads Podcast Episode 145: Cybersecurity was on brand in 2020 - it was horrible

By External Author on Mar 1, 2021 8:45:00 AM

First a pandemic, then a major economic crisis . . .why not throw in an epic cyber attack? GroupSense CEO Kurtis Minder breaks it down for #FedHeads Francis Rose and Robert Shea and throws in a few ransomware war stories, too. Chilling.

Topics: News Podcast

Someone is selling VPN access to a city government in Arizona

By External Author on Feb 24, 2021 8:45:00 AM

A regular user of underground forums and illicit online marketplaces with a track record of selling stolen credentials that can be used to access government, university and corporate networks is attempting to sell access to systems belonging to a large city in Arizona, the cybersecurity intelligence firm GroupSense told StateScoop.

Topics: News

Interactive hacks went up by 400% in the past two years

By External Author on Feb 22, 2021 8:45:00 AM

The cybersecurity industry is often rife with hype around the topic of automation, with both IT security teams and malicious hacking groups steadily incorporating more tools and processes that can rapidly and automatically scan networks or process large datasets at speeds far faster than humans.

Topics: News

The negotiators taking on the ransomware hackers

By External Author on Feb 16, 2021 8:45:00 AM

Kurtis Minder has spent the past year negotiating six-figure ransom demands from gangs of ruthless criminals. Not for the safe return of kidnap victims, but for the release of valuable data that is being held hostage by hackers. Ransomware attacks, which see hackers lock up data or computer systems until they are paid off, have been one of the biggest cyber security headaches for the private and public sectors in the past year.

Topics: News Ransomware

How ransomware negotiation works

By External Author on Feb 15, 2021 8:45:00 AM

Ransomware has been one of the most devastating malware threats that organizations have faced over the past few years, and there's no sign that attackers will stop anytime soon. It’s just too profitable for them. Ransom demands have grown from tens of thousands of dollars to millions and even tens of millions because attackers have learned that many organizations are willing to pay.

Topics: News Ransomware

GroupSense Doubles Customer Base and Reports Significant Year-Over-Year Revenue Growth in 2020

By Editorial Team on Feb 10, 2021 8:45:00 AM

GroupSense, a digital risk protection services company, today announced several milestones from a successful 2020, including doubling its customers base, recording 60 percent year-over-year revenue growth and adding eight strategic partnerships, among many other accomplishments.

Topics: News Press Releases

Podcast: Hiring a ransomware negotiator: Tactics, tips and careers

By External Author on Jan 20, 2021 8:45:00 AM

Ever thought of hiring a ransomware negotiator, or becoming one yourself? On today’s episode, Kurtis Minder of GroupSense tells us what makes a good ransomware negotiator, why setting the right tone is crucial in a successful negotiation, and why, in the right situation, you can get away with referring to a ransomer as “grasshopper.”

Topics: News Video Ransomware

Major US City Signs Deal with GroupSense for COVID-19 Vaccine Misinformation and Supply Chain Cybersecurity Services

By Editorial Team on Jan 19, 2021 1:30:00 PM

ARLINGTON, Va.Jan. 19, 2021 /PRNewswire/ -- GroupSense, a digital risk protection services company, today announced it has signed a deal with a major U.S. city to provide its COVID-19 Vaccine Threat Protection offering. This first-of-its-kind service offering uses cyber threat monitoring, similar to the approach GroupSense uses in its Election Threat Protection offering. This service provides the most comprehensive package available to protect the city and its millions of residents against COVID-19 vaccine misinformation, disinformation and supply disruptions from cyberattacks, including ransomware attacks.

Topics: News Press Releases

The perils of organizing underground

By External Author on Jan 18, 2021 8:45:00 AM

Researchers see one bright spot as far-right extremists turn to private and encrypted online platforms: Friction.

Topics: News

Top pharma industry predictions for 2021

By External Author on Jan 18, 2021 8:45:00 AM

In many ways, the beginning of 2021 isn’t just one of the most welcome New Years of the modern era — it could also be a turning point between the pre-COVID and post-COVID worlds. 

Topics: News

Fringe right plots new attacks out of sight

By External Author on Jan 17, 2021 8:45:00 AM

Driving the news: Extremism researchers worry the threat is more diffuse than the openly plotted Jan. 6 attack in Washington, with far-right groups taking to non-mainstream channels to plan nationwide disruption and broadly whip up anger and calls to arms.

Topics: News

GroupSense to Join ThreatQuotient for CyberSocial Virtual Panel

By External Author on Jan 13, 2021 1:06:52 PM

CyberSocial IV: 

‘21 and Over!

2020 Threat Intel Recap and Look Ahead

JANUARY 28, 2021 at 4:00 PM ET

A new year is here!

Join ThreatQuotient’s SVP of Strategy, Jonathan Couch, for an interactive, PowerPoint-free panel discussion of the best and worst of 2020 as well as trends and predictions for the year ahead.

Bring your favorite happy hour beverage and join:

  • Kurtis Minder, Chief Executive Officer, GroupSense
  • Justin Henkel, Director, Cyber Threat Intelligence, CME Group
  • Aylea Baldwin, Threat Intelligence Lead, Reddit

Register today!

Topics: News Webinar

Five COVID-19 Vaccine Threat Predictions for 2021

By Editorial Team on Jan 12, 2021 8:45:00 AM

With the emergency approval of COVID-19 vaccines, many are (rightfully) starting to see the proverbial light at the end of the tunnel. Although GroupSense is hopeful 2021 will bring health, prosperity, and recovery from the global public health crisis, we are also cognizant of numerous cyber security threats that may derail the mass-vaccination process. Below are five of the many threats GroupSense expects to see as the world moves forward with COVID-19 vaccination efforts.

Topics: Blog

Ransomware Read Me First: Don't Get Scammed... Twice

By Editorial Team on Jan 11, 2021 8:45:00 AM

You were hit with ransomware. You panic. You search “ransomware response” or “ransomware repair” and among the top results is a link that reads “Recover Encrypted Files - Guaranteed.” Sounds like you found the solution! None of us wants to pay the ransomware operators. If there is a legitimate solution that avoids sending tens of thousands (if not millions) of dollars via cryptocurrency to threat actors overseas, it’s worth paying for.

Topics: Blog Ransomware

Overview of the SolarWinds Software Supply Chain Attack

By Editorial Team on Dec 17, 2020 1:39:15 PM


The cyber security industry is reeling from another large scale, targeted attack. What was initially reported as a breach of FireEye red team tools on December 8th has now been exposed as a much wider, potentially catastrophic breach affecting the SolarWinds Orion software. SolarWinds stated a threat actor inserted malware,  SUNBURST or Solorigate, into a service providing trojanized software updates for its Orion platform, used by public and private companies to track IT resources. To date (December 16th, 2020), as many as 18,000 organizations have been affected by SUNBURST, announced SolarWinds. On December 14, Reuters and the Washington Post reported the U.S. Department of Homeland Security (DHS), the State Department, and the National Institutes of Health (NIH) were also compromised as a result of the infected Orion distribution.

Topics: Blog

Ephemeral Messaging: Good for Users, Bad for Security Researchers

By Editorial Team on Dec 9, 2020 9:50:54 AM

The world’s most popular messaging and social media apps are rolling out new privacy features allowing users to send content that will self-delete after a short time. On November 5, WhatsApp announced “disappearing messages” that are automatically erased after a week; on November 12, WhatsApp’s parent company Facebook introduced “vanish mode” for Messenger and Instagram, seamlessly deleting messages after users leave their chat. And on November 17, Twitter launched “Fleets,” messages with 24-hour lifespans.

Topics: Blog

Video: Kurtis Minder - TechStrong TV #2

By External Author on Dec 8, 2020 8:45:00 AM

GroupSense CEO and Co-Founder Kurtis Minder ponders the question, "To negotiate or not negotiate on ransomware?"

Topics: News Ransomware

Consider these credentials when hiring a ransomware negotiator

By External Author on Dec 8, 2020 8:45:00 AM

2020 saw a significant increase in the number ransomware attacks due to the expanded attack surface and vulnerabilities caused by the pandemic and distributed workforce. On top of that, in October 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory noting that companies can be fined if they make a ransomware payment. This leaves companies in a tough spot – especially smaller ones with limited means that may be facing an existential crisis when they get attacked by ransomware.

Topics: News Ransomware

How Ransomware Defense Is Evolving With Ransomware Attacks

By External Author on Nov 24, 2020 8:45:00 AM

Ransomware became deadly in 2020.

Topics: News Ransomware

Podcast: Hacking Humans with Guest Kurtis Minder #3

By External Author on Nov 12, 2020 8:45:00 AM

Joe has a story about how Emotet is being used in phishing emails through thread hijacking, Dave's story is a two-fer: one is about bad guys using image manipulation and the other has Elon Musk giving away Bitcoin again taking advantage of the US election, The Catch of the Day is from a listener named John about an email-based vishing attack, and later in the show, later in the show, we welcome back Kurtis Minder of GroupSense on the burgeoning ransomware negotiation industry. 

Topics: News Ransomware Podcast

How to Avoid Paying Ransomware Ransoms

By External Author on Nov 10, 2020 11:00:00 AM

Last month, two agencies of the US Treasury department issued advisories warning against paying ransomware.

Topics: News Ransomware

Kurtis Minder of GroupSense: 5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity

By External Author on Nov 10, 2020 8:45:00 AM

As a part of our series about “5 Things You Need To Know To Tighten Up Your Company’s Approach to Data Privacy and Cybersecurity”, I had the pleasure of interviewing Kurtis Minder, CEO and co-founder of GroupSense.

Topics: News

Getting real about ransomware [Q&A]

By External Author on Nov 6, 2020 8:45:00 AM

For every high-profile ransomware incident in the headlines, there are many more that never get reported. Particularly among small- and medium-sized businesses, often with small IT and cybersecurity teams, a ransomware attack can be an existential problem.

Topics: News Ransomware

The 5 Reasons WhatsApp Could be a National Security Risk

By Editorial Team on Oct 28, 2020 1:35:00 PM

Republished from October 2019

Topics: Blog

Podcast: Kurtis Minder with Decipher Discusses Ransomware Negotiation

By External Author on Oct 22, 2020 10:00:00 AM

Kurtis Minder, CEO of GroupSense, joins Dennis Fisher to discuss the delicate process of ransomware negotiations and how enterprises are dealing with infections today.

Topics: News Ransomware Podcast

US Treasury Department ban on ransomware payments puts victims in tough position

By External Author on Oct 22, 2020 9:00:00 AM

It's not very clear what room for maneuvering is left for incident response companies to assist their clients with ransomware attacks and whether providing information about the attackers, engaging with them to test whether they're able to actually decrypt files or to negotiate a lower ransom would qualify as "facilitating" a transaction under the OFAC regulations. "Frankly, that puts us in an interesting situation with a client, where we say: 'Hey, we are not able to facilitate payments. Can we still negotiate on your behalf? Absolutely. And we can validate all the keys and do all of those things to get you to the point where you can do a transaction but we cannot do a transaction'," Kurtis Minder, CEO of threat intelligence firm GroupSense, tells CSO.

Topics: News Ransomware

Ransomware groups are going corporate

By External Author on Oct 21, 2020 9:00:00 AM

Kurtis Minder, CEO of GroupSense, a company that offers ransomware negotiation services, told SC Media that most large ransomware groups with multiple concurrent victims deploy automatic, pre-determined answers through the early stages of a negotiation until it progresses far enough to warrant human interaction. Similar to the business world, ransomware managers are seemingly looking to make sure their workers’ time is being spent wisely.

Topics: News Ransomware

Securing WhatsApp – What You Need to Know Today

By External Author on Oct 14, 2020 9:00:00 AM

Webinar on October 28th at 1:00 pm EDT

Topics: Webinar

Treasury Dept. Advisory Shines Spotlight on Ransomware Negotiators

By External Author on Oct 13, 2020 9:00:00 AM

Threat intelligence firm GroupSense is one recent example. Earlier this month, the company introduced a new service that it says can help ransomware victims navigate a slew of issues following an attack. According to GroupSense, it can help organizations evaluate and confirm attacks, negotiate with threat actors to reduce ransom demands, manage cryptocurrency payments, arrange for the destruction of any stolen data, and carry out other post-transaction activities.

Topics: News Ransomware

Ransomware Negotiation Do’s and Don’ts with an Expert Negotiator

By External Author on Oct 12, 2020 9:00:00 AM

Webinar on October 21st at 10:00 am!

No one ever expects it to happen to them. But with ransomware and cybercrime on the rise, it’s more likely than ever to discover that ransomware has locked down your system and cybercriminals are holding your data hostage. Kurtis Minder, an expert ransomware negotiator, advises executive teams when their worst cybersecurity nightmares come to life. Join us for an interview with Kurtis as we discuss:

Topics: Video Webinar Ransomware

Cybersecurity firm offers official Ransomware Negotiation Service

By External Author on Sep 29, 2020 3:56:07 PM

While FBI is urging ransomware victims not to pay any ransom to hackers as it encourages crime, a Cybersecurity firm from Virginia says that it will offer a ransomware consultation and negotiation service on an official note to deal with a situation.

Topics: News Ransomware

Think Before You Share: How Tweets Fuel the Infodemic

By Editorial Team on Sep 15, 2020 9:44:15 AM

Twitter is a fun and easy way to engage with pop culture and maybe even spark a spirited discussion. Many of us on twitter can retweet/share without thinking or researching what tweets truly say, causing them to spread quickly to a larger audience. But, the sad fact is, some tweets might end up being misinformation or disinformation, especially politically-oriented tweets.

Topics: Blog

Breached Passwords and Legacy Protocols Still Defeat Azure MFA

By Editorial Team on Sep 3, 2020 10:04:24 AM

In August 2020, Microsoft posted an article focused on email authentication utilizing their Azure Active Directory (AD) authentication and the use of Multi-Factor Authentication (MFA).

Topics: Blog

Five tips for managing information security in the post-COVID world

By External Author on Aug 31, 2020 9:00:00 AM

The COVID-19 pandemic has created many security challenges that will persist long after the crisis ends. As time passes, it appears that work-from-home will become more permanent. Couple that with rushed digital transformation projects and inflamed security vulnerabilities that if not addressed quickly will lead to serious security and compliance problems. As we look to 2021, here are some challenges security teams must address:

Topics: News

Foreign actors seeking to sow divisions by targeting Native American populations, cyber intelligence firms says

By External Author on Aug 27, 2020 8:30:00 AM

MADISON - Foreign actors are using social media to target Native American populations in an effort to create disruption and sow division ahead of the 2020 election, according to preliminary research from cyber reconnaissance company GroupSense.

Topics: News Elections

Shoring Up the 2020 Election: Secure Vote Tallies Aren’t the Problem

By External Author on Aug 25, 2020 10:00:00 AM

With the 2020 U.S. Presidential Election coming up in just two months, cybersecurity concerns are taking center stage for average citizens and politicians. That said, the likelihood of election results being impacted by an attack are slim, security researchers say. The focus should be on other problem-plagued election infrastructure issues that are ripe for attack.

Topics: News Elections

Trump pushes fringe beliefs mainstream

By External Author on Aug 25, 2020 9:30:00 AM

Using his social media megaphone, President Trump has pushed once-fringe beliefs into the consciousness of everyday Americans.

Topics: News Elections

GroupSense Offers Special Package of Services to Protect Elections from Misinformation, Disinformation and Cyber Attacks

By Editorial Team on Aug 19, 2020 8:00:00 AM

ARLINGTON, Va., Aug. 18, 2020 /PRNewswire/ -- GroupSense, a threat intelligence company, today announced a special package of its Election Threat Protection offering for state and city governments. This package of services includes a readiness assessment, pre-election preparations, and cyber threat monitoring both during and after an election. This approach to election security protects city and state governments and their citizens from cyberattacks on voting technology, mis/disinformation campaigns, ransomware attacks, hacktivism, physical threats and other crimes.

Topics: News Press Releases

The COVID-19 vaccine: A developing tale of black and cornered markets

By External Author on Aug 13, 2020 4:00:00 PM

What’s the single most valuable product in the world? 

Topics: News

Stopping Disinformation: A 'How To' Guide

By Editorial Team on Aug 6, 2020 1:17:07 PM

Topics: Blog Elections

Livestream: Election 2020 and the Cyber Security Impact

By External Author on Aug 5, 2020 4:30:00 PM

Kurtis Minder joined Security Guy TV for a quick discussion on election security for the upcoming 2020 election. 

Topics: News Video Elections

QAnon's 2020 resurgence

By External Author on Aug 4, 2020 12:30:00 PM

The strange realities of 2020 have perfectly played to the kind of fear QAnon thrives on, driving record online interest in the conspiracy theory.

Topics: News Elections

America’s meme machine is fueling the populist movement globally

By External Author on Aug 4, 2020 12:00:00 PM

The QAnon conspiracy is picking up steam abroad, particularly in Europe, where populist movements are on the rise.

Topics: News Elections

Livestream: 'Data' vs 'Intelligence' What's the Difference?

By External Author on Aug 4, 2020 8:00:00 AM

Kurtis Minder joins Security Guy TV as part of the RSA pre-show interview to discuss the differences between "data" and "intelligence." 

Topics: News Video

How Should I Securely Destroy/Discard My Devices?

By External Author on Aug 3, 2020 8:00:00 AM

Question: How should I securely destroy/discard my devices?

Topics: News

How GroupSense uses 'cyber double agents' to rescue businesses' private information from the dark web and identify future leaks

By External Author on Jul 17, 2020 11:00:00 AM

A 2020 study on US consumers and cybercrime recorded nearly 1,500 significant data breaches in 2019 resulting in the exposure of more than 164 million sensitive records. Meanwhile, one executive of a major US accounting firm argued that 2020 may be one of the most fraud-rich environments in our nation's history.

Topics: Insider News

Threat Intelligence in a Big Data World

By External Author on Jul 7, 2020 12:00:00 PM

Threat intelligence is an important piece of any size organization’s cybersecurity system. But effective threat intelligence often fails is because threat analysis teams aren’t aligning themselves to the business, so they may be looking at the big picture of threats rather than for specific industry vertical threats. In the age of big data and data privacy regulations, this could be leaving an organization open to a damage data breach.

Topics: News Webinar

Expert Roundtable to Discuss the State of Threat Intelligence, Featuring Digital Shadows, Flashpoint, GroupSense and Recorded Future

By Editorial Team on Jun 26, 2020 11:00:00 AM

ARLINGTON, Va., June 26, 2020 /PRNewswire/ -- GroupSense, a cyber reconnaissance company, today announced it will host an online expert roundtable discussion, titled "Threat Intel in the Real World," on Wednesday, July 1 at 2:30 p.m. EDT. The roundtable is open to the public – people who would like to attend can register now. The roundtable will also be available to view on-demand, beginning immediately after the conclusion of the live session.  Attendees will have the opportunity to ask questions to roundtable members.

Topics: News Press Releases Webinar

Threat Intel in the Real World: An Expert Roundtable

By Editorial Team on Jun 24, 2020 8:00:00 AM

Find out what happens…when intel analysts stop being polite…and start getting real.

Today’s typical enterprise security team subscribes to at least four, often more, intelligence feeds, which analysts must comb through to find relevant information for operationalization. As a result, most threat intel has become “yet another tool to manage.” It’s simply not practical to expect every security organization to be able to hire threat intelligence analysts to make sense out of the feeds. Vendors need to deliver “threat-analyst-in-a-box” capabilities, so intelligence can be operationalized with minimal intervention.

Topics: News Webinar

Video: Kurtis Minder - TechStrong TV

By External Author on Jun 23, 2020 12:00:00 PM

Kurtis Minder, GroupSense CEO, talks with Charlene O'Hanlon about the black market and Dark Web activities as they pertain to COVID-19.

Topics: News Video

Podcast: Hacking Humans with Guest Kurtis Minder #2

By Editorial Team on Jun 18, 2020 8:00:00 AM

Dave shares a story of an attempt on his father's Verizon account, Joe has the story of an Amazon gift card phishing attempt, The Catch of the Day is a funny phishing email, and later in the show, Joe checks in with Kurtis Minder from GroupSense. They dig a little deeper into some of the topics Kurtis discussed in his previous appearance on our show. 

Topics: News Podcast

Exposing the dark web coronavirus scammers

By External Author on Jun 15, 2020 1:09:28 PM

Dan Patterson: Kurtis Minder works for GroupSense, and they have been tracking some of the most outrageous coronavirus scams. Kurtis, what are you seeing right now that people need to pay attention to?

Topics: News

Fireside chat with Kurtis Minder, Co-Founder and CEO of GroupSense

By External Author on Jun 10, 2020 5:00:00 PM

David Raviv will be hosting Kurtis Minder for a virtual fireside chat to talk operational security and other cyber security topics. Hear what he has to say at the meetup tomorrow at 5:00 pm EST by signing up!

Topics: News

Preventative Medicine: Pharmaceutical Company Uses Targeted Intel to Stop IP Theft

By External Author on May 18, 2020 10:43:48 PM


With the average cost to bring a new drug to market surging upwards of $2.5 billion, our client
wanted to get in front of any mentions of trial drugs before they were officially available. GroupSense worked closely with the client, a global pharmaceutical company, to fight back against IP fraud.

Our threat intelligence analysts identified a syndicate claiming to have access to name-brand medications. Whether the activities were from the physical theft of medication, or manufacturing of counterfeit drugs, the end result was the same: a negative impact on the client's reputation. A response was needed.

Armed with superior intelligence provided by GroupSense, our client quickly took action to prevent further activities from the threat actor group responsible. Understanding how an individual threat actor or group operates empowered our client to modify their own processes in the future to prevent recurrences.

Topics: Case Study

Manufacturing a Stronger Supply Chain: When People are the Weak Link

By External Author on May 18, 2020 10:37:35 PM

Humans were the weak link in this tech giant’s supply chain. Motivated by easy access to dark web marketplaces, assembly line workers had no qualms about using their access to  intellectual property for personal gain.

Topics: Case Study

M&A Process Changes: Assess Digital Risk Before You Make That First Call

By External Author on Apr 30, 2020 2:35:00 PM

Information and cybersecurity audits are a fundamental part of the M&A due diligence process. Given the impact of a breach on potential valuation, market acceptance, public relations and brand value, the security posture of a business being considered for an acquisition is a key element in understanding the liability, risk and value of the business.

Topics: News

5 ways COVID-19 is reshaping the cybercrime economy

By External Author on Apr 30, 2020 1:54:00 PM

As the COVID-19 pandemic pushes the above-ground economy to the brink of a major recession, the cybercrime economy appears to still be hard-charging ahead. And yet, the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalize on global fears, as well as dramatic shifts in supply and demand.

Topics: News

Credit unions know Zoom isn’t secure. They’re using it anyway.

By External Author on Apr 28, 2020 5:45:00 PM

Videoconferencing tools may help bridge the communication gap credit unions are currently facing during the coronavirus, but at what cost?

Business continuity has been strained as credit union employees work remotely. To help with that, many management teams have turned to videoconferencing to keep their institutions running and employees informed.

However, the last few weeks have unveiled a host of cybersecurity concerns with the popular video messaging platform Zoom. There have been problems with end-to-end encryption, and hackers have been able to access the webcams of users. As a result, thousands of personal photos and email addresses of users have been exposed. And that's just the tip of the iceberg for Zoom's cyber vulnerabilities.

Despite this, credit unions are still using the software.

Topics: News

CNN Discusses Prescription Black Market

By External Author on Apr 23, 2020 5:46:00 PM

There are currently sellers on the dark web, offering what they claim is hydroxychloroquine, according to GroupSense, a cyber intelligence firm based in Virginia. Some of the posts are obvious scams, but others are from sellers with strong reviews who are considered reliable.
Topics: News

Podcast: Hacking Humans with Guest Kurtis Minder

By External Author on Apr 23, 2020 1:51:00 PM

Dave warns of fake QR code websites stealing Bitcoin, Joe has the return of classic cons, the Catch of the Day forgets one crucial element, and later in the show, our interview with Kurtis Minder. He’s with a company called GroupSense and they’ve been commemorating the 20th anniversary of the Dark Web.

Topics: News Podcast

Channel Happy Hour Episode 278: COVID-19 Crunch Time

By External Author on Apr 20, 2020 1:46:00 PM

What the Podcast Talks About:

Topics: News

GroupSense Shares Instances of COVID-19 Fraud

By External Author on Apr 16, 2020 1:37:00 PM

With trillions of dollars of financial aid being made available to help individuals and organizations weather the COVID-19 pandemic, it should come as no surprise there is now a massive wave of attempts being made to divert those funds into the hands of cybercriminals.

Topics: News

Morning Cybersecurity

By External Author on Apr 14, 2020 1:32:00 PM

GroupSense named Adam Bregenzer as chief technology officer and Jeffrey Duran as chief marketing officer. Prior to joining GroupSense, Bregenzer was a senior engineering manager at Venmo. Duran, who has had stints with Verizon and U.S. Army Cyber Command, most recently was vice president of marketing for threat investigation company Nisos.

Topics: News

Managed Security Services Provider (MSSP) News: 13 April 2020

By External Author on Apr 13, 2020 12:07:00 PM

Talent – Digital Risk Mitigation: GroupSense has named Adam Bregenzer as chief technology officer and Jeffrey Duran as chief marketing officer.

Topics: News

GroupSense Names Adam Bregenzer Chief Technology Officer and Jeffrey Duran Chief Marketing Officer

By Editorial Team on Apr 13, 2020 12:05:00 PM

ARLINGTON, Va.April 13, 2020 /PRNewswire/ -- GroupSense, a digital risk protection company, today announced it has named Adam Bregenzer as chief technology officer and Jeffrey Duran as chief marketing officer. Bregenzer will be responsible for the direction and implementation of GroupSense's technology roadmap, particularly in the area of frictionless delivery of finished, actionable digital risk intelligence into customer security operations. Duran, a veteran of the cybersecurity industry, will lead the vision and strategy for the company's marketing operations.

Topics: News Press Releases

The Intersection of Cyber Crime and Coronavirus Stimulus: The Perfect Storm for Fraud

By External Author on Apr 13, 2020 12:03:00 PM

The $2 trillion Coronavirus Aid, Relief, and Economic Security Act will provide economic relief to millions of businesses and taxpayers during the coronavirus pandemic. This stimulus bill may recall the last time government injected a huge sum of money into the U.S. economy— via the 2009 American Recovery and Reinvestment Act, following the 2008 mortgage crisis. But this time, the fraud risks are far more extensive due to the emergence of cyber crime.

Topics: News

Webinar- Detecting and Preventing Fraud in the Age of COVID-10: What You Need to Know

By External Author on Apr 7, 2020 11:52:00 AM

Please join us for insights on what your organization can do now and moving forward to proactively prevent fraud in these uncertain times. Our group of fraud experts will explore the risks posed by recent events with a focus on how fraud professionals can minimize risk through a series of tools and techniques, and help their organizations to keep going.

Topics: News Webinar

How Do I Make Sure My Work-From-Home Users Install Updates?

By External Author on Apr 7, 2020 11:47:00 AM

Question: How do I make sure my work-from-home users install updates?

Topics: News

Are Companies Turning a Blind Eye to Their Lost Data on the Dark Web?

By External Author on Mar 25, 2020 11:42:00 AM

Cybersecurity practitioners who scan the dark web for threats against a client, or its stolen assets, also commonly spot data or assets belonging to non-client organizations and offer courtesy reports to those businesses.

Topics: News

The dark web turns 20 this month. From black market hotspots to facilitating the Arab Spring, here's how it changed the world.

By External Author on Mar 21, 2020 4:45:00 PM

The dark web, a segment of the internet used by outlaws, dissidents, and hackers to share information without scrutiny, will turn 20 years old this month.

Topics: News

Closing the Regulatory Loop: Third-Party Breach Notification

By External Author on Mar 19, 2020 11:28:00 AM

According to AT&T's A CEO Guide to Navigating the Threat Landscape report, approximately, 50 percent of data breaches are first detected by the breached company's employees. What about the other 50 percent? Those notifications are more-or-less evenly distributed across law enforcement, customers and service providers. 

Topics: News

Everyone Here is a Criminal or Spy: How Darknet Groups Operate

By External Author on Mar 18, 2020 11:17:00 AM

Darknet groups where corporate employees illegally peddle inside information come with their own sets of rules.

Topics: News

Insiders Sell Employer's Secrets on Darknet Bazaars

By External Author on Mar 18, 2020 11:10:00 AM

In the hidden corners of the internet, company insiders routinely offer access to their employers’ computer systems, sensitive client information and even advance looks at financial statements and business deals, security professionals say. Experts say little can be done to stop them.

Topics: News

The Dark Web turns 20 this month

By External Author on Mar 13, 2020 5:44:00 PM

While we're all being encouraged to sing 'Happy Birthday' as we wash our hands to ward off the COVID-19 virus, you might like to know that you can sing it to the Dark Web, which turns 20 this month.

Topics: News

Dark Web Timeline

By Editorial Team on Mar 4, 2020 11:45:00 AM

The dark web has been around for 20 years, and in “celebration” we’ve put together a timeline of the major events from these past two decades. It’s important to note that many events have formed it into the dark web we see today. This is only a taste of its history…

Topics: Blog

Managed Security Services Provider (MSSP) News: 03 March 2020

By External Author on Mar 3, 2020 5:42:00 PM

Alliance – Risk Mitigation: GroupSense, a digital risk protection company, and Grant Thornton LLP, one of the nation’s largest audit, tax and advisory firms, have teamed to offer a digital crime mitigation solution, the companies say.

Topics: News

GroupSense and Grant Thornton Announce Technology Alliance

By Editorial Team on Mar 2, 2020 5:41:00 PM

ARLINGTON, Va.March 2, 2020 /PRNewswire/ -- GroupSense, a digital risk protection company, and Grant Thornton LLP, one of the nation's largest audit, tax and advisory firms, have teamed to offer a digital crime mitigation solution. The new solution couples GroupSense's operationally ready intelligence, gathered through both automated and human reconnaissance, with Grant Thornton's cyber and fraud risk, data privacy and due diligence offerings to give Grant Thornton clients a powerful, tailored solution for identifying and mitigating vulnerabilities in their digital environments. 

Topics: News

How Should I Answer a Nontech Exec Who Asks, 'How Secure Are We?'

By External Author on Feb 26, 2020 5:38:00 PM

Question: How should I answer a nontech exec who asks, "How secure are we?"

Topics: News

GroupSense Wins Esteemed InfoSec Award During RSA Conference 2020

By Editorial Team on Feb 25, 2020 5:35:00 PM

SAN FRANCISCOFeb. 25, 2020 /PRNewswire/ -- RSA Conference -- GroupSense, a digital risk protection company, today announced it was honored with the "Most Innovative Security Team of the Year" award as part of the InfoSec Awards program from Cyber Defense Magazine (CDM), one of the industry's most influential electronic information security magazines.

Topics: News

Livestream: Digital Risk Management & Threat-Intelligence Overload

By External Author on Feb 14, 2020 5:35:00 PM

Kurtis Minder joins Security Guy TV as part of the RSA pre-show interview to discuss how companies are overwhelmed with intelligence and how a human element can improve their security processes.

Topics: News

Podcast: Pros and Cons of Notifying Breached Companies

By External Author on Feb 5, 2020 5:23:00 PM

Spoofed emails may be an Iranian espionage effort. And the confessed Ninendo hacker cops a plea. Craig Williams from Cisco Talos with updates on Emotet. Guest is Kurtis Minder from GroupSense on the Pros and Cons of notifying breached companies at 6:15.

Topics: News Podcast

Biometric Security: More Risk than Reward

By Editorial Team on Feb 4, 2020 1:57:00 PM

Using biometrics for authentication has always been a source of controversy. At face value, it seems like a fool-proof way to authenticate users (everyone has unique fingerprints, right?). But dig a level deeper, and biometric access management systems store that fingerprint (or iris, or facial map, or walking gait) as data. And, we all know what happens to data if it’s not protected properly. Which brings us to the big problem with biometrics: while passwords can be changed if there’s a data breach, fingerprints and other biometric data are permanent. One breach of a biometrics database is all it takes for someone to lose their identity for a lifetime.

Topics: Blog

GroupSense and Cybraics Form Strategic Technology Alliance

By Editorial Team on Jan 14, 2020 5:16:00 PM

ARLINGTON, Va.Jan. 14, 2020 /PRNewswire/ -- GroupSense, a digital risk management company, and Cybraics, a security analytics and artificial intelligence (AI) company, today announced a strategic technology partnership. GroupSense's customer-specific, operationally ready intelligence, which is gathered and pre-processed through both automated and human reconnaissance, combined with Cybraics' advanced AI-based threat detection, will provide enterprises with an unparalleled end-to-end security-as-a-service offering to prevent and remediate cyberattacks.

Topics: News

What Tools Will Find Misconfigurations in my AWS S3 Cloud Buckets?

By External Author on Jan 6, 2020 5:14:00 PM

Question: Are there any tools that can help me find misconfigurations in my AWS S3 cloud buckets?

Topics: News

Should I Have A Security Travel Policy to Protect Devices and Sensitive Data?

By External Author on Dec 20, 2019 5:08:00 PM

Question: Should I have a security travel policy to protect devices and sensitive data, particularly when our staff are crossing international borders?

Topics: News

Tempting, but just say no to public charging stations and Wi-Fi

By External Author on Dec 16, 2019 5:05:00 PM

We've all been there. The battery percentage on your mobile is in the red and you forgot your charger. And, you're expecting an important call. Luckily, you remember there's a public charging station at the discount department store at the local strip mall. 

Topics: News

Poor security, not just password reuse, to blame for Disney+ breach

By External Author on Nov 21, 2019 4:50:00 PM

“All it takes is faith and trust, oh! and something I forgot: dust,” Peter Pan tells Wendy, John, and Michael in Disney’s 1953 adaptation of J.M. Barrie’s novel. But after a widespread breach of the entertainment company’s new Disney+ accounts, at least one cybersecurity research company is indicating that its new streaming service needs more than a magical concoction to fly among those it’d qualify as reasonably secure.

Topics: News

A CISO's Perspective: Michael Lines Shares How CISOs Can Succeed

By Editorial Team on Jun 4, 2019 11:47:00 PM

As a CISO, you constantly worry if today is the day you’ll have a security incident. It’s a common problem. There are huge expectations on you and your team, but the support from the business is not always in line with those expectations.

Topics: Blog

The WhatsApp attack didn't target you. But here's why you should still care

By External Author on May 17, 2019 8:30:00 AM

The WhatsApp vulnerability revealed earlier this week sounds terrifying.

Topics: News

The Rise of Cyber Threat Intelligence in the War on Internet Fraud

By Editorial Team on Jan 29, 2019 11:50:00 PM

Stolen digital information accelerates and enables fraud. This simple truth is changing the way organizations think about protecting themselves from fraudsters. A recent example drives this point home. Ridesharing has become part of our daily life—Uber and Lyft are ubiquitous across the United States and abroad. Not long ago, someone began ordering rides and then contacting the drivers via phone. This is possible given that rideshare applications offer up the driver’s phone number once a ride is hailed. The fraudster would spoof the calling number to look like it came from the rideshare HQ and then tell the driver to cancel their ride with “Mark,” which the driver recognized as the passenger’s name, and pull over.

Topics: Blog

The strange birth, death and rebirth of a Russian troll account called 'AllForUSA'

By External Author on Aug 16, 2018 2:40:00 PM

An Indiana man named Jesse D. Allen created a website in 2005 with the title, apparently to pursue some business interests, but he soon abandoned the site. A decade later, at the age of 80, Allen died.

But AllForUSA was just getting started.

Topics: News

How To Use The Intelligence Cycle To Secure Your Brand

By Editorial Team on Oct 9, 2017 9:30:00 AM

One of the most fundamental aspects in the world of intelligence is the application of a process known as The Intelligence Cycle.  It enables intelligence professionals regardless of the area of focus – from Counterterrorism to Cyber security – to establish a plan of action and execute on that plan to deliver a high-quality intelligence product to the client.

Topics: Blog