The Week In Ransomware – January 15th 2021 – Locking You Up

It has been another quiet week for ransomware, though we did have some interesting stories come out this week.

By far, the most interesting is the news about ChastityLocker – ransomware that exploits vulnerabilities in men’s chastity belts (not joking) so that they can’t unlock them.

Other interesting news includes Intel’s announcement that their new vPro chips will have built-in hardware ransomware detection, and Bitdefender’s release of a decryptor for the DarkSide ransomware.

Unfortunately, after the decryptor was released, the DarkSide operation announced that they fixed the weakness allowing the decryptor to work.

Contributors and those who provided new ransomware information and stories this week include: @struppigel, @Ionut_Ilascu, @VK_Intel, @BleepinComputer, @FourOctets, @serghei, @Seifreed, @malwrhunterteam, @demonslay335, @DanielGallagher, @fwosar, @malwareforme, @jorntvdw, @PolarToffee, @LawrenceAbrams, @Telekom_group, @LukasStefanko, @GrujaRS, @Bitdefender, @vxunderground, @JakubKroustek, @M_Shahpasandi, @Kangxiaopao, @ExtendedRaavan, and @Amigo_A_.

January 9th 2021

Hacker used ransomware to lock victims in their IoT chastity belt

The source code for the ChastityLock ransomware that targeted male users of a specific adult toy is now publicly available for research purposes.

January 10th 2021

Three new Dharma ransomware variants

Jakub Kroustek found three new Dharma ransomware variants that append the .hub, .aol, or .14x extension to encrypted files.

January 11th 2021

Intel adds hardware-based ransomware detection to 11th gen CPUs

Intel announced today at CES 2021 that they have added hardware-based ransomware detection to their newly announced 11th generation Core vPro business-class processors.

DarkSide ransomware decryptor recovers victims’ files for free

Romanian cybersecurity firm Bitdefender has released a free decryptor for the DarkSide ransomware to allow victims to recover their files without paying a ransom.

New STOP ransomware variant

Raavan Extended found a new STOP Ransomware variant that appends the .qlkm extension.

New STOP ransomware variant

Amigo-A found a new STOP Ransomware variant that appends the .coos extension.

New Flamingo ransomware variant

Amigo-A found a new variant of the Flamingo Ransomware that appends the .LIZARD extension and drops a ransom note named ReadThis.txt.

January 12th 2021

Capcom: 390,000 people may be affected by ransomware data breach

Capcom has released a new update for their data breach investigation and state that up to 390,000 people may now be affected by their November ransomware attack.

New Judge ransomware 

xiaopao found a new ransomware that appends the .judge extension and drops a ransom note named info.txt.

January 14th 2021

Inside of CL0P’s ransomware operation

TA505 (also known as FIN11) is a financially motivated cybercrime actor. They conduct Big Game Hunting operations, such as deployment of ransomware and extortion of large ransom payments. In the past, I explained how they operate and I scrutinized their tools. If you are not familiar with TA505 and CL0P then I recommend you to read our threat actor profile of TA505 first.

New variant of the Lucy Ransomware for Android

MalwareHunterTeam found a new malicious Android app that includes ransomware capabilities. Lukas Stefanko states that this is a new variant of the Lucy Ransomware.

New ByteLocker Ransomware

GrujaRS found a new HiddenTear variant called ByteLocker that encrypts files without adding an extension.

DarkSide found to be very similar to REvil

Vitali Kremez analyzed a new sample of REvil and found it to be very similar to the DarkSide ransomware.

January 15th 2021

Scotland environmental regulator hit by ‘ongoing’ ransomware attack

The Scottish Environment Protection Agency (SEPA) confirmed on Thursday that some of its contact center, internal systems, processes and internal communications were affected following a ransomware attack that took place on Christmas Eve.

New BlackHeel HiddenTear variant

GrujaRS found a new BlackHeel HiddenTear variant that appends the .a extension to encrypted files.

New Epsilon ransomware

GrujaRS found a new Epsilon Ransomware that appends the .boom extension and drops a ransom note named READ_ME.hta.

That’s it for this week! Hope everyone has a nice weekend!
