Resecurity

In an era where cybercrime poses a pervasive threat to individuals, corporations, and governments worldwide, Resecurity and Cybercrime Atlas by World Economic Forum have forged a partnership aimed at disrupting the global cybercriminal ecosystem. Following the 54th Annual Meeting of The World Economic Forum at Davos-Klosters (Switzerland), this strategic alliance supported by founding members in face of Santander, Fortinet, Microsoft, and PayPal marks a significant milestone in the ongoing battle against cyber threats, bringing together our expertise and Cybercrime Atlas's network to enhance operational collaboration that counter cybercrime globally. https://lnkd.in/gMMjWMqV #cybersecurity #cybercrime #cybercriminals #cybercrimeawareness #cyberresilience #cybercrimeprevention #cyberthreatintelligence #fraudprevention #partnership #worldeconomicforum #wef #wef24

Resecurity was excited to support Crack the Code, a 24-hour hackathon organized at Concordia University Irvine for high school students interested in cybersecurity, machine learning, and web security. Participants demonstrated strong skills in application security testing across various competitions. We congratulate all the winners, and want to express our gratitude to the organizers for their efforts in cultivating the future cybersecurity talent for the nation. The event included the following tracks: ?? Cyber in Depth Machine Learning Mayhem: Using AI to Battle Malware ?? Cyber at a Glance Cyber Sentry: Defending Digital Doorways ?? USACO Mock Competition Written by USACO competitors, this side-contest serves as a gentle intro to competitive programming. ?? Capture The Flag With (cybersecurity/CTF-style) challenges and puzzles suitable for all skill levels, this side-contest serves as an opportunity to hone and showcase your knowledge. https://crackthecode.dev/ Joshua Tallman Hari Holla Soham Dev #academia #appsec #education #cybersecurity #ctf #hackathon #machinelearning #websecurity #talent #event #irvine

Around Xmas time, Resecurity identified a vulnerability present at the Data Leak Site (DLS) of BlackLock Ransomware in the TOR network - successful exploitation of which allowed our analysts to collect substantial intelligence about their activity outside of the public domain. Since that time, our analysts from the HUNTER team have been covertly acquiring critical and previously undisclosed artifacts related to threat actors' network infrastructure, logs, ISPs and hosting providers involved, timestamps of logins, associated file-sharing accounts at MEGA, the group created to store stolen data from the victims (which later got published via DLS in TOR). A successful compromise of BlackLock's DLS allowed to uncover a trove of information about the threat actors and their Modus Operandi (MO), but more importantly, to predict and prevent some of their planned attacks and protect undisclosed victims by alerting them. Few days ago, their sister project Mamona Ransomware also went offline. Notably, another prominent ransomware group DragonForce took the lead capitalizing on these events. It is not enough to look at ransomware groups and design fancy reports counting the number of victims suffering from their activity. Resecurity believes the proactive, practical approach to disrupting cybercriminal chains is the key catalyst to combat ransomware activity worldwide. BlackLock Ransomware compromise is a unique case when offensive cyber, combined with cyber threat intelligence (CTI) research capabilities, facilitated investigation workflow to uncover critical insights and target the actors regardless of how sophisticated their operations are. https://lnkd.in/gQ3Sud9X #cybersecurity #cybercrime #cybercriminals #darkweb #tornetwork #threatintelligence #threathunting #vulnerability #ransomware

Resecurity was excited to support Crack the Code, a 24-hour hackathon organized at Concordia University Irvine for high school students interested in cybersecurity, machine learning, and web security. We congratulate all the winners and participants, and want to express our gratitude to the organizers for their efforts in cultivating the future cybersecurity talent for the nation. https://lnkd.in/edzBkPH6 Joshua Tallman Hari Holla Soham Dev #academia #appsec #education #cybersecurity #ctf #hackathon #machinelearning #websecurity #talent #event #irvine

Following Assetnote’s disclosure of the flaws last year, Resecurity warned that foreign threat actors had attempted to exploit the three ServiceNow vulnerabilities to target both private sector companies and government agencies around the world. GreyNoise Intelligence said in a blog post on Tuesday that it had observed a “notable resurgence of in-the-wild activity” targeting the three ServiceNow vulnerabilities, tracked as CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. Cybersecurity company Imperva released another report in July 2024 warning that it had also observed exploitation attempts across 6,000 sites across various industries, with a focus on the financial services sector. Learn more in the latest article at TechCrunch by Carly Page: https://lnkd.in/eKC6kTfn #cybersecurity #cyberrisk #darkweb #hacking #networksecurity #threatintelligence #threathunting #riskmanagement

As a proud Digi Americas alliance member, Resecurity was thrilled to support the recent US-Mexico Exchange of Cybersecurity Good Practices in Washington, DC. The ongoing dialogue facilitates cooperation in the security field and demonstrates the commitment to supporting our allies in addressing new emerging threats and challenges. In the past few years, the total two-way goods trade between the United States and Mexico has reached $807 billion, with Mexico being the top goods trading partner for the U.S., surpassing China. The event was attended by delegates from the Senate of Mexico, the Secretariat of Foreign Affairs of Mexico, the Secretariat of Security and Citizen Protection (SSCP), the US-Mexico Foundation, the US Embassy in Mexico City, and private sector partners. #cybersecurity #security #riskmanagement #partnership #mexico #usa

Resecurity was thrilled to support the recent US-Mexico Exchange ???? ???? of Cybersecurity Good Practices organized in Washington, DC, by Digi Americas. As a proud member of the alliance, our team, represented by COO Shawn Loveland, debriefed the delegates on the latest threat landscape trends and the vital role of proactive cyber threat intelligence (CTI). Mexico remains a critical partner for the US in trade and security, and it was a pleasure to connect with our peers from the region to discuss mutual cooperation and the agenda to make tomorrow’s day safer today together. #cybersecurity #security #riskmanagement #partnership #mexico #usa

Part 3 - Resecurity investigators also identified a cluster of Telegram drug trafficking groups operating out of Germany, including ‘Drogs Berlin,’ ‘Candy store,’ and ‘El Diablo Shop.’ Collectively, these operations deal in the same assortment of illicit substances: Marijuana, cocaine, MDMA, ketamine, hash, LSD, 2-CB, mephedrone, and other cathinones. The findings reveal the resilience of industrial-scale drug trafficking networks and operations on Telegram despite the company’s pledge to crack down on illegal content, products, and services. The lingering presence of fentanyl-related commerce is particularly troubling given the massive potential for deadly harm to recreational users. Our investigation into illicit Telegram drug markets largely corroborates the Global Initiative Against Transnational Organized Crime think tank’s “realization” that “synthetic drugs have become the future of drug trafficking.” The research also reveals the rapidly growing global threat to recreational users and civil society posed by novel psychoactive substances (NPS) like mephedrone, Alpha-PVP, and their cathinone analogs. Learn more: https://lnkd.in/gz_CCDNe #aml #banking #cyberintelligence #cryptocurrency #compliance #drugs #fintech #darkweb #darknet #moneylaundering #narcotics #kyc #telegram #riskmanagement

Part 2 - Resecurity’s investigation reveals how the digital platforming of drug trafficking operations on Telegram reflects geopolitical and logistical shifts in the nuts-and-bolts mechanics of the global narcotics trade. Notably, a report published by Polish investigative journalism outlet OKO.press included an interview with a local drug underworld insider who estimated that there are 50 different Telegram-based drug operations servicing the capital city of Warsaw alone. The insider also estimated that there were over 200 Warsaw-based dealers using Telegram to peddle dope. Further highlighting the growing role of Poland in global drug trafficking, a Financial Times report noted that Polish-flagged yachts are increasingly being “used by criminals to export cocaine and other drugs across the Atlantic from South America to Europe and elsewhere,” citing warnings from the UNODC and the watchdog Maritime Analysis and Operations Centre. Garsany Julien, the Brussels representative for the UNODC, told the media outlet that drug traffickers are taking advantage of a legal loophole that gives Polish vessels ‘de facto immunity’ from arrest in international waters. Learn more: https://lnkd.in/gjyKB2nV #aml #banking #cyberintelligence #cryptocurrency #compliance #drugs #fintech #darkweb #darknet #moneylaundering #narcotics #kyc #telegram #riskmanagement

Part 1 - Over the last five months, Resecurity has discovered a plethora of professional drug trafficking communities promoting the sale of synthetic drugs like ketamine, 2-CB, mephedrone, and more traditional vice substances like cocaine, hashish, and cannabis. More alarmingly, our investigators uncovered multiple digital channels promoting the sale of deadly fentanyl products via Telegram, with some listings surprisingly specifying traditional ecommerce methods as their primary payment rail besides cryptocurrency. Such accounts could be registered by money mules, enabling further laundering of funds, creating a substantial challenge for financial institutions (FIs). Money mule networks are a global problem, moving vast sums of illegal money between accounts and facilitating various criminal activities. The use of mule accounts complicates the detection process for FIs because these accounts often appear legitimate at first glance. This creates blind spots in detection and investigation, making it harder for FIs to identify suspicious activity without advanced anti-money laundering (AML) tools and strategies The Trump administration prioritized combating fentanyl due to its devastating impact on public health and safety in the United States. The administration viewed the influx of fentanyl and other synthetic opioids as a national emergency. Despite a sweeping initiative announced by Telegram in September 2024 to crack down on illegal content hosted on its platform, professional drug trafficking channels have resurged on the messaging app, eluding the moderators’ purge. https://lnkd.in/g-VvFETe #aml #banking #cyberintelligence #cryptocurrency #compliance #drugs #fintech #darkweb #darknet #moneylaundering #kyc #telegram #riskmanagement