The Week In Ransomware – April 9th 2021 – Massive Ransom Demands

Ransomware attacks continued over the past two weeks, along with the massive initial ransom demands we have seen recently.

Over the past two weeks, we have learned of attacks against Asteelflash, the Broward County Public Schools, Applus Technologies, Pierre Fabre, and Harris Federation, with many of the attacks' initial ransom demands ranging between $24 million and $40 million.

The Applus Technologies attack was particularly disruptive as it prevented emissions testing in eight US states.

Accellion FTA-related data breaches continue with the Clop ransomware gang leaking the data for Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California.

Contributors and those who provided new ransomware information and stories this week include: @PolarToffee, @fwosar, @Seifreed, @LawrenceAbrams, @Ionut_Ilascu, @VK_Intel, @DanielGallagher, @jorntvdw, @demonslay335, @struppigel, @malwrhunterteam, @BleepinComputer, @malwareforme, @serghei, @FourOctets, @R3MRUM, @kaspersky, @PogoWasRight, @CheckPointSW, @troyhunt, @alexscroxton, @ValeryMarchive, @snlyngaas, @fbgwls245, @Amigo_A_, @campuscodi, @siri_urz, @chum1ng0, and @GrujaRS.

March 27th 2021

FatFace sends controversial data breach email after ransomware attack

British clothing brand FatFace has sent a controversial ‘confidential’ data breach notification to customers after suffering a ransomware attack earlier this year.

March 28th 2021

Ransomware admin is refunding victims their ransom payments

After recently announcing the end of the operation, the administrator of Ziggy ransomware is now stating that they will also give the money back.

CompuCom MSP expects over $20M in losses after ransomware attack

American managed service provider CompuCom is expecting losses of over $20 million following this month’s DarkSide ransomware attack that took down most of its systems.

March 29th 2021

Harris Federation hit by ransomware attack affecting 50 schools

The IT systems and email servers of London-based nonprofit multi-academy trust Harris Federation were taken down by a ransomware attack on Saturday.

March 30th 2021

Microsoft Exchange attacks increase while WannaCry gets a restart

The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector.

New STOP Djvu Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .ytbn extension to encrypted files.

April 1st 2021

New Dharma ransomware variants

Jakub Kroustek found new Dharma ransomware variants that append the .4o4 and .ctpl extensions to encrypted files.

April 2nd 2021

Asteelflash electronics maker hit by REvil ransomware attack

Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang, which is demanding a $24 million ransom.

Qualys says Accellion hackers did not breach production systems

Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn’t infiltrate the company’s production and corporate environments.

Ransomware gang wanted $40 million in Florida schools cyberattack

Fueled by large payments from victims, ransomware gangs have started to demand ridiculous ransoms from organizations that cannot afford to pay them. An example of this is a recently revealed ransomware attack on the Broward County Public Schools district, where threat actors demanded a $40,000,000 payment.

As ransomware stalks the manufacturing sector, victims are still keeping quiet

In addition to Norsk Hydro, CyberScoop requested interviews with a dozen manufacturers in Europe and the U.S. that have reportedly had their production disrupted by ransomware incidents in the last two and a half years. Nearly all either declined to comment, did not respond or said an executive was unavailable by press time.

New Makop Ransomware variant

dnwls0719 found a new Makop ransomware variant that appends the .dark extension and drops a ransom note named readme-warning.txt.

New WhiteBlackGroup ransomware

S!Ri has discovered a new ransomware called WhiteBlackGroup that appends the .encrpt3d extension to encrypted files.

April 3rd 2021

Malware attack is preventing car inspections in eight US states

A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin.

Ransomware gang leaks data from Stanford, Maryland universities

Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group.

Sepa spends nearly £800,000 on cyber attack response

Figures released to BBC Scotland under freedom of information laws show a total of £790,000 has been spent on Sepa’s response and recovery actions so far.

New STOP Djvu Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .fdcz extension to encrypted files.

New Jigsaw Ransomware variant

GrujaRS found a new Jigsaw ransomware variant that appends the .cat extension.

April 4th 2021

Sierra Wireless resumes production after ransomware attack

Canadian IoT solutions provider Sierra Wireless announced that it resumed production at its manufacturing sites halted after a ransomware attack that hit its internal network and corporate website on March 20.

New STOP Djvu Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .urnb extension to encrypted files.

April 5th 2021

New Jormungand Ransomware variant

dnwls0719 found the Jormungand ransomware that appends the .glock extension and drops a ransom note named READ-ME-NOW.txt.

April 6th 2021

Windows XP makes ransomware gangs work harder for their money

A recently created ransomware decryptor illustrates how threat actors have to support Windows XP, even though Microsoft dropped support for it seven years ago.

Ransomware hits TU Dublin and National College of Ireland

The National College of Ireland (NCI) and the Technological University of Dublin have announced that ransomware attacks hit their IT systems.

April 7th 2021

New Cring ransomware hits unpatched Fortinet VPN devices

A vulnerability impacting Fortinet VPNs is being exploited by a new human-operated ransomware strain known as Cring to breach and encrypt industrial sector companies’ networks.

REvil ransomware now changes password to auto-login in Safe Mode

A recent change to the REvil ransomware allows the threat actors to automate file encryption via Safe Mode after changing Windows passwords.

New Wintenzz Security Tool ransomware

S!Ri has discovered a new ransomware called Wintenzz Security Tool that appends the .wintenzz extension to encrypted files and drops a ransom note named BUY_WINTENZZ.txt.

April 8th 2021

New VHD ransomware variant

dnwls0719 found a new VHD ransomware variant that appends the .beaf extension and drops a ransom note named DecryptGuide.txt.

April 9th 2021

Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack

Leading French pharmaceutical group Pierre Fabre suffered a REvil ransomware attack where the threat actors initially demanded a $25 million ransom, BleepingComputer learned today.

New STOP Djvu Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .lmas extension to encrypted files.

New GEHENNA Locker ransomware

dnwls0719 found a new VHD ransomware variant that appends the .gehenna extension and drops a ransom note named GEHENNA-README-WARNING.html.

Maze/Egregor ransomware cartel estimated to have made $75 million

The group behind the Maze and Egregor ransomware operations is believed to have earned at least $75 million worth of Bitcoin from ransom payments following intrusions at companies all over the world.

New RIP_lmao Ransomware

GrujaRS found a new ransomware called RIP_lmao that appends the .crypted extension and drops a ransom note named ___RECOVER__FILES__.crypted.txt.

That’s it for this week! Hope everyone has a nice weekend!
