Privacy Ninja

The Week In Ransomware – August 7th 2020 – Businesses Under Siege

This week illustrated how pervasive ransomware has become with news of two large and well-known companies getting hit with ransomware attacks, with more surely to come.

Over the weekend, BleepingComputer found a WastedLocker decryptor used by Garmin to decrypt their files, meaning that they paid the ransom to get the decryption key.

Later in the week, we discovered that Canon USA was attacked by the operators of the Maze ransomware, leading to another corporate service disruption.

Security budgets are always stretched thin until an attack occurs. Unfortunately, by then it is too late.

As ransomware groups consolidate into highly skilled operations, enterprises need to increase monitoring, lock down their perimeter, and make sure all gateway devices and RDP servers are properly protected.

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @LawrenceAbrams, @Seifreed, @serghei, @struppigel, @malwrhunterteam, @FourOctets, @fwosar, @Ionut_Ilascu, @malwareforme, @PolarToffee, @VK_Intel, @BleepinComputer, @demonslay335, @DanielGallagher, @coveware, @AJMartinSky, @McAfee, @John_Fokker, @fr0gger_, @emsisoft, @markloman, @SophosLabs, @AltShiftPrtScn, @john_shier, @threatresearch, @chetwisniewski, @xiaopao80087499, @thyrex2002, @iamwinstonm, @MarceloRivero, and @Jirehlov.

August 1st 2020

Confirmed: Garmin received decryptor for WastedLocker ransomware

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack.

New Nile STOP Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .nile extension to encrypted files.

New ZaCaPa STOP Ransomware variant

Michael Gillespie found a new Xorist ransomware variant that appends the .ZaCaPa extension to encrypted files.

New WannaCash 2.0 Ransomware variant

Alex Svirid found a new variant of the WannaCash Ransomware that changes an encrypted file’s name to [number] ???? ??????????. ????. [ ????? [email protected] ] .WANNACASH.

New Nefilim ransomware variant

d2hvYW1p found a new Nefilim Ransomware variant that appends the .NEF1LIM extension to encrypted files.

August 2nd 2020

Ransom Demands Rise With Market Share Split Between Big Game Hunters and Amateur RaaS Affiliates

The Coveware Quarterly Ransomware Report describes ransomware incident response trends during Q2 of 2020. Ransomware attacks against enterprises forked in Q2 between big game attacks and an increase in new RaaS variants targeting small businesses. Victim demographics and resolution metrics are aggregated to present ransomware incident response statistics driven by actual case events.

New FlyStudio ransomware variant

Jirehlov found #Ransomware #Flystudio #China https://app.any.run/tasks/3d4fc8d4-2a2e-404b-a693-5a1680d456b8/… .itunes itunes-DECRYPT—-1596322702829.txt sample note: https://pastebin.com/z3eW5Y1N

August 3rd 2020

Netwalker ransomware earned $25 million in just five months

The Netwalker ransomware operation has generated a total of $25 million in ransom payments since March 1st according to a new report by McAfee.

Garmin ‘paid multi-million dollar ransom to criminals using Arete IR’, say sources

Smartwatch maker Garmin paid a multi-million dollar ransom to criminals who encrypted its computer files through a ransomware negotiation business called Arete IR, sources have told Sky News.

New Homer Dharma Ransomware variant

Marcelo Rivero found a new Dharma ransomware variant that appends the .homer extension and drops ransom notes named FILES ENCRYPTED.txt and Info.hta.

August 4th 2020

WastedLocker ransomware abuses Windows feature to evade detection

The WastedLocker ransomware is abusing a Windows memory management feature to evade detection by security software.

Interpol: Lockbit ransomware attacks affecting American SMBs

American medium-sized companies are actively targeted by LockBit ransomware operators according to an Interpol report on the impact the COVID-19 pandemic had on cybercrime around the world.

The realities of ransomware: A victim’s-eye view of an attack

The Managed Threat Response manager offers a unique perspective on the realities of being the target of ransomware

The realities of ransomware: Extortion goes social in 2020

Sophos’ senior security advisor on the growing threat of ransomware that threatens to publish companies’ private data

The realities of ransomware: Five signs you’re about to be attacked

A manager on the Managed Threat Response team explains what to expect when you’re expecting a ransomware attack

The realities of ransomware: The evasion arms race

Behavioral shifts changed the ransomware landscape as criminals challenge defenses

The realities of ransomware: Why it’s not just a passing fad

Here we are seven years later scratching our heads, still thinking about what to do to defend ourselves against ransomware. You would think in seven years we ought to have gotten better at deterring attackers from this type of online crime. But, like almost everything in information security, ransomware is complicated, and an attack that has only grown more complex, particularly in the last 10 months.

New WEEK Dharma ransomware variant

Xiaopao found a new Dharma ransomware variant that appends the .WEEK extension to encrypted files.

Sample of PhantomChina found

Xiaopao found a sample of the PhantomChina ransomware that appends the .phantom extension and drops a ransom note named !How_To_Decrypt_My_File_????????.hta.

August 5th 2020

Canon confirms ransomware attack in internal memo

Canon has suffered a ransomware attack that impacts numerous services, including Canon’s email, Microsoft Teams, USA website, and other internal applications. In an internal alert sent to employees, Canon has disclosed the ransomware attack and is working to address the issue.

New Zes Xorist Ransomware variant

Michael Gillespie found a new Xorist ransomware variant that appends the .zes extension to encrypted files.

August 6th 2020

CheckMail7 decryptor released

Emsisoft has released a decryptor for the CheckMail7 Ransomware.

That’s it for this week! Hope everyone has a nice weekend!
