Get 24/7 incident response assistance from our global team
Please review the following rules before submitting your application:
1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.
2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.
In this report, we share our key investigative findings and observations, including UNC2891’s tactics, techniques, and procedures.
Learn more
Group-IB’s monthly Intelligence Insights offers a concise summary of major cybercrime trends, critical vulnerabilities, and regional campaigns impacting your business environment. Our July edition reveals growing trends in signed driver abuse, vulnerability exploitation, and region-specific phishing campaigns targeting key sectors.
Critical SharePoint Vulnerabilities ExploitedAbuse of Signed Kernel Drivers
Real Estate Lure Targets MEA
A fake DocuSign-themed real estate document was used to deliver remote access malware — resembling tactics used by MuddyWater and Brazil-based clusters.
QR Code Phishing on the Rise
Attacks impersonating company staff use QR codes to harvest credentials, with some spoofing internal IT infrastructure.
New Classiscam Activity in GCC
A new wave of phishing scams targeting users across the GCC was detected in July.
Download the July 2025 META & Pakistan Intelligence Insights and equip your team with actionable knowledge to bolster your cyber defense.
We see the full picture of the evolving cyber threat landscape thanks to unique tools for monitoring the infrastructure used by cybercriminals and data from battlefields:
