Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

FBI, CISA, and NSA Warn Of Escalating Conti Ransomware Attacks

FBI, CISA, and NSA Warn Of Escalating Conti Ransomware Attacks

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations.

The three US federal agencies urge enterprise IT admins to review their organizations’ network security posture and implement the immediate actions outlined in the joint advisory to defend against Conti ransomware.

Mitigations shared by CISA, FBI, and NSA include keeping operating systems and software up to date, requiring multi-factor authentication, and implementing network segmentation.

Conti ransomware operators have been behind over 400 attacks that hit US and international entities, according to the three agencies.

Also Read: What Legislation Exists in Singapore Regarding Data Protection and Security?

“The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations,” the advisory reads.

“In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment.”

The FBI also warned in May 2021 that Conti operators have tried to breach the networks of over a dozen US healthcare and first responder organizations.

Who is Conti?

Conti ransomware is a private Ransomware-as-a-Service (RaaS) operation believed to be controlled by a Russian-based cybercrime group tracked as Wizard Spider.

Conti shares some of its code with the notorious Ryuk Ransomware, whose TrickBot distribution channels they started using after Ryuk’s activity started slowing down in July 2020.

The cybercrime gang recently breached Ireland’s Health Service Executive (HSE) and its Department of Health (DoH), asking the former to pay a $20 million ransom after encrypting its systems.

Although the DoH blocked Conti from encrypting its systems, the HSE was not as lucky and was forced to take down all IT systems to prevent the ransomware from spreading throughout its network.

Also Read: Advisory Guidelines on Key Concepts in the PDPA: 23 Chapters

After the attack on Ireland’s public healthcare system, the Conti gang released a free decryptor for the HSE while warning that they will still leak or sell the data stolen from their network.

In August, a disgruntled affiliate leaked the gang’s training materials, including info about one of its operators, a manual on deploying various tools such as Cobalt Strike and mimikatz, and numerous help documents allegedly provided to Conti affiliates.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us