Monitoring deep, dark and surface web to detect exposure of your sensitive data, secret projects and initiatives, privileged users, critical systems, IT infrastructure, and more.
Monitoring and alerting of third party data breaches impacting your employees’ emails, usernames, and personally identifiable information.
Assess the risk footprint and security posture of key business relationships to get a handle on external risk introduced through your extended attack surface.

Sign Up for Updates

Digital risk monitoring of key personnel with telemetry and risk metrics. VIPRecon provides broad coverage of social media, deep and dark web, as well as physical threat assessments.
Gain visibility of your digital footprint by reaching into the most active areas of the cyber underground.
Fully managed and tailored Threat Intelligence services that becomes an extension of your current security processes and provides real-time visibility on new threats.
Providing research and investigations into known threats, to save security teams time and stress during a cyber emergency.

Sign Up for Updates

GroupSense offers a comprehensive package of services for assessing and responding to ransomware attacks, including negotiations with threat actors.
Actively researching and monitoring threats from vendors or third-party companies that can affect organizational security.
Monitoring for threats to elections, VIPs, and more on social media to proactively prevent or mitigate digital risk.
Focusing on the threats and risks that matter to your security processes and providing intelligence and insights to prevent or mitigate digital risk.
Taking the next step in security services, by proactively taking down phishing sites or anonymously interacting with threat actors to provide better intelligence.
Active monitoring of your brand's digital assets to protect its reputation and stop further brand abuse from targeting unsuspecting victims.

Sign Up for Updates

Combining your cyber and fraud programs to effectively fight threat actors continually scamming or threatening assets within an organization.
Executives are prime targets for fraudulent activities, but with a proactive approach, any attacks or threats can be neutralized before causing any damage.
Governments, political parties and candidates must all act now to activate cyber threat intelligence services to harden their information security and get ahead of inevitable cyber threats to the election process.
shutterstock_1115351222

Resources

External Author


Recent posts by External Author

Punishing the victim won't stop ransomware

By External Author on Apr 8, 2021 8:45:00 AM

Imagine, for a moment, that you own a small business -- say, a regional dairy farm producing milk, ice cream, yogurt, and other products. And, like so many companies in the food manufacturing sector, you get hit by ransomware. You can’t access any of the data you need to run your business -- so you don’t know which products to ship, where to ship them, what prices you’ve negotiated, who’s paid and who hasn’t… everything is locked up. And, the clock is ticking -- you can’t tolerate extended downtime or products will spoil and customers will defect to other vendors.

Topics: News Blog

Ransomware negotiations: An inside look at the process

By External Author on Mar 29, 2021 8:45:00 AM

As ransomware attacks continue to surge across the globe, the demand for negotiation services has also increased -- and been hard to fill.

Topics: Blog

Big Game Hunting: CARBON SPIDER and SPRITE SPIDER Target ESXI Servers

By External Author on Mar 16, 2021 8:45:00 AM

Big Game Hunting, the targeted large-scale ransomware campaign, is now regarded as the primary cyber threat to organizations across all sectors including financial, healthcare, and government in 2021. Leaking stolen data in an effort to pressure victims into paying is part of a broader trend across the BGH ecosystem. In the recent headlines, the ransomware operators go beyond the traditional dominance of Windows operating systems and now target VMware ESXi hypervisor. In this Ransomware Battleground, let’s look at how SPRITE SPIDER(Defray777 Ransomware) and CARBON SPIDER (Parkside Ransomware) operate in volume tactics. How do Cybercrime actors now back to use Linux variants of ransomware configured specifically to affect ESXi hosts?

In this talk, we will cover:
- What are Big Game Hunting tactics? And what did ransomware operator behavior change during Covid-19? (from POS to ESXi)
- How do you defend encrypting virtual infrastructure in your corporate network? Credential harvesting and payload ingesting?
- Why is Agentless Zero Trust Isolation and Ransomware Kill Switch the answer to stop Hypervisor "Jackpotting"?

Topics: Video Webinar

5 minutes with Bryce Webster-Jacobsen - What the new CMMC Framework means for defense contractors

By External Author on Mar 8, 2021 8:45:00 AM

Threat actors have successfully targeted defense contractors over the years because they haven’t fully secured their networks, thus creating serious vulnerabilities in U.S. national security. To combat this challenge, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) framework was born.

Topics: News

FedHeads Podcast Episode 145: Cybersecurity was on brand in 2020 - it was horrible

By External Author on Mar 1, 2021 8:45:00 AM

First a pandemic, then a major economic crisis . . .why not throw in an epic cyber attack? GroupSense CEO Kurtis Minder breaks it down for #FedHeads Francis Rose and Robert Shea and throws in a few ransomware war stories, too. Chilling.

Topics: News

Someone is selling VPN access to a city government in Arizona

By External Author on Feb 24, 2021 8:45:00 AM

A regular user of underground forums and illicit online marketplaces with a track record of selling stolen credentials that can be used to access government, university and corporate networks is attempting to sell access to systems belonging to a large city in Arizona, the cybersecurity intelligence firm GroupSense told StateScoop.

Topics: News

Interactive hacks went up by 400% in the past two years

By External Author on Feb 22, 2021 8:45:00 AM

The cybersecurity industry is often rife with hype around the topic of automation, with both IT security teams and malicious hacking groups steadily incorporating more tools and processes that can rapidly and automatically scan networks or process large datasets at speeds far faster than humans.

Topics: News

The negotiators taking on the ransomware hackers

By External Author on Feb 16, 2021 8:45:00 AM

Kurtis Minder has spent the past year negotiating six-figure ransom demands from gangs of ruthless criminals. Not for the safe return of kidnap victims, but for the release of valuable data that is being held hostage by hackers. Ransomware attacks, which see hackers lock up data or computer systems until they are paid off, have been one of the biggest cyber security headaches for the private and public sectors in the past year.

Topics: News

How ransomware negotiation works

By External Author on Feb 15, 2021 8:45:00 AM

Ransomware has been one of the most devastating malware threats that organizations have faced over the past few years, and there's no sign that attackers will stop anytime soon. It’s just too profitable for them. Ransom demands have grown from tens of thousands of dollars to millions and even tens of millions because attackers have learned that many organizations are willing to pay.

Topics: News

Podcast: Hiring a ransomware negotiator: Tactics, tips and careers

By External Author on Jan 20, 2021 8:45:00 AM

Ever thought of hiring a ransomware negotiator, or becoming one yourself? On today’s episode, Kurtis Minder of GroupSense tells us what makes a good ransomware negotiator, why setting the right tone is crucial in a successful negotiation, and why, in the right situation, you can get away with referring to a ransomer as “grasshopper.”

Topics: News Video