Monitoring deep, dark and surface web to detect exposure of your sensitive data, secret projects and initiatives, privileged users, critical systems, IT infrastructure, and more.
Monitoring and alerting of third party data breaches impacting your employees’ emails, usernames, and personally identifiable information.
Assess the risk footprint and security posture of key business relationships to get a handle on external risk introduced through your extended attack surface.

Sign Up for Updates

Digital risk monitoring of key personnel with telemetry and risk metrics. VIPRecon provides broad coverage of social media, deep and dark web, as well as physical threat assessments.
Our Ransomware Response Readiness Assessment, Playbook and Table Top Exercise gives your organization the best chance to survive and recover.
Gain visibility of your digital footprint by reaching into the most active areas of the cyber underground.
Fully managed and tailored Threat Intelligence services that becomes an extension of your current security processes and provides real-time visibility on new threats.
Providing research and investigations into known threats, to save security teams time and stress during a cyber emergency.

Sign Up for Updates

GroupSense offers a comprehensive package of services for assessing and responding to ransomware attacks, including negotiations with threat actors.
Actively researching and monitoring threats from vendors or third-party companies that can affect organizational security.
Monitoring for threats to elections, VIPs, and more on social media to proactively prevent or mitigate digital risk.
Focusing on the threats and risks that matter to your security processes and providing intelligence and insights to prevent or mitigate digital risk.
Taking the next step in security services, by proactively taking down phishing sites or anonymously interacting with threat actors to provide better intelligence.
Active monitoring of your brand's digital assets to protect its reputation and stop further brand abuse from targeting unsuspecting victims.

Sign Up for Updates

Combining your cyber and fraud programs to effectively fight threat actors continually scamming or threatening assets within an organization.
Executives are prime targets for fraudulent activities, but with a proactive approach, any attacks or threats can be neutralized before causing any damage.
Governments, political parties and candidates must all act now to activate cyber threat intelligence services to harden their information security and get ahead of inevitable cyber threats to the election process.


Kaseya Ransomware Incident

By Editorial Team on Jul 2, 2021 5:43:58 PM

GroupSense analysts became aware of a wide-spread attack leveraging Kaseya’s Vector Signal Analysis (VSA) platform, commonly in use by Managed Service Providers.


Topics: Blog Ransomware

Webcast: Ransomware in the Remote Work Era

By External Author on May 10, 2021 4:30:00 PM

Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
- The rise in ransomware under the cloak of the pandemic
- Why email continues to be the channel of choice
- The difference between fully automated and human-operated campaigns
- How to decide whether or not to pay or not to pay the ransom
- Why your backups may not be immune to ransomware
- Addressing the threat with best practices

- Nicole Hoffman, Intelligence Analyst, GroupSense
- Courtney Radke, CISO for National Retail, Fortinet
- Patrick Lee, Senior Incident Response Consultant, Rapid7

Topics: Blog Video Webinar Ransomware

SIM Swapping: What Is It and How to Protect Yourself From It

By Editorial Team on Apr 27, 2021 12:15:57 PM


Recently, a hacker known as PeteRepete leaked over 533 million Facebook users’ personal information online. There were no passwords in the database, but it did contain full names, phone numbers, email addresses, employer information, and a few other pieces of information from Facebook users’ profiles. GroupSense confirmed only a small portion of the records contained email addresses, but almost all of the records contained a phone number. 

Topics: Blog

Cyber insurance companies need to focus more on risk profiles - and less on security ratings scores

By External Author on Apr 23, 2021 8:30:00 AM

Security ratings services have become a popular way for companies to assess their own cybersecurity posture, as well as that of their partners. And, while they are useful for establishing a data baseline of competence, they are often relied on as something more than that. For example, they’re used in boardrooms as “eye candy” to portray the state of company cyber-risk, with supply chain partners to manage third-party risk and, even more frightening, by insurance companies to create risk profiles for cyber-insurance policies.

Topics: News Blog

Ransomware negotiations: An inside look at the process

By External Author on Mar 29, 2021 8:45:00 AM

As ransomware attacks continue to surge across the globe, the demand for negotiation services has also increased -- and been hard to fill.

Topics: News Blog Ransomware

Dropbox Security Concerns

By Editorial Team on Mar 9, 2021 9:00:00 AM


Users quickly adopted the cloud storage tool Dropbox at the start of the COVID-19 pandemic to alleviate file sharing issues and facilitate group work. Updates to Dropbox Spaces, a project management tool, reflect this shift, easing communications for remote work.1 The file-sharing company seeks to enhance collaboration and information-sharing within a distributed workforce, both now and in the future.

Topics: Blog

Five COVID-19 Vaccine Threat Predictions for 2021

By Editorial Team on Jan 12, 2021 8:45:00 AM

With the emergency approval of COVID-19 vaccines, many are (rightfully) starting to see the proverbial light at the end of the tunnel. Although GroupSense is hopeful 2021 will bring health, prosperity, and recovery from the global public health crisis, we are also cognizant of numerous cyber security threats that may derail the mass-vaccination process. Below are five of the many threats GroupSense expects to see as the world moves forward with COVID-19 vaccination efforts.

Topics: Blog

Ransomware Read Me First: Don't Get Scammed... Twice

By Editorial Team on Jan 11, 2021 8:45:00 AM

You were hit with ransomware. You panic. You search “ransomware response” or “ransomware repair” and among the top results is a link that reads “Recover Encrypted Files - Guaranteed.” Sounds like you found the solution! None of us wants to pay the ransomware operators. If there is a legitimate solution that avoids sending tens of thousands (if not millions) of dollars via cryptocurrency to threat actors overseas, it’s worth paying for.

Topics: Blog Ransomware

Overview of the SolarWinds Software Supply Chain Attack

By Editorial Team on Dec 17, 2020 1:39:15 PM


The cyber security industry is reeling from another large scale, targeted attack. What was initially reported as a breach of FireEye red team tools on December 8th has now been exposed as a much wider, potentially catastrophic breach affecting the SolarWinds Orion software. SolarWinds stated a threat actor inserted malware,  SUNBURST or Solorigate, into a service providing trojanized software updates for its Orion platform, used by public and private companies to track IT resources. To date (December 16th, 2020), as many as 18,000 organizations have been affected by SUNBURST, announced SolarWinds. On December 14, Reuters and the Washington Post reported the U.S. Department of Homeland Security (DHS), the State Department, and the National Institutes of Health (NIH) were also compromised as a result of the infected Orion distribution.

Topics: Blog

Ephemeral Messaging: Good for Users, Bad for Security Researchers

By Editorial Team on Dec 9, 2020 9:50:54 AM

The world’s most popular messaging and social media apps are rolling out new privacy features allowing users to send content that will self-delete after a short time. On November 5, WhatsApp announced “disappearing messages” that are automatically erased after a week; on November 12, WhatsApp’s parent company Facebook introduced “vanish mode” for Messenger and Instagram, seamlessly deleting messages after users leave their chat. And on November 17, Twitter launched “Fleets,” messages with 24-hour lifespans.

Topics: Blog