Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week In Ransomware – January 1st 2021 – New Year Edition

The Week In Ransomware – January 1st 2021 – New Year Edition

Of particular interest is the Air Forward attack as it was done by the new Hades ransomware operation that began operating last month and has been busy racking up victims.

This week’s other big news is the law enforcement takedown of the Safe-Inet and Insorg VPN and proxy services known for catering to cybercriminal activity.

According to Europol, threat actors using these services included ransomware operations, skimming attacks, and more.

“Active for over a decade, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cybercrime,” Europol stated in a press release about the operation.

Contributors and those who provided new ransomware information and stories this week include @FourOctets@PolarToffee@DanielGallagher@malwrhunterteam@LawrenceAbrams@struppigel@fwosar@VK_Intel@jorntvdw@serghei@demonslay335@malwareforme@Ionut_Ilascu@Seifreed@BleepinComputer@AhnLab_SecuInfo@chum1ng0@siri_urz@Kangxiaopao@Jirehlov@fbgwls245@M_Shahpasandi, and @S2Wlab.

December 19th 2020

New ANCrypted Ransomware

M. Shahpasandi found a new ransomware called ANCrypted.

December 20th 2020

Flavors designer Symrise halts production after Clop ransomware attack

Flavor and fragrance developer Symrise has suffered a Clop ransomware attack where the attackers allegedly stole 500 GB of unencrypted files and encrypted close to 1,000 devices.

December 21st 2020

Trucking giant Forward Air hit by new Hades ransomware gang

Trucking and freight logistics company Forward Air has suffered a ransomware attack by a new ransomware gang that has impacted the company’s business operations.

Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service

The Institute for Security and Technology (IST) Launches Multi-Sector Ransomware Task Force (RTF)

The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, government, law enforcement, nonprofits, cybersecurity insurance, and international organizations — is today launching a new Ransomware Task Force (RTF) to tackle this increasingly prevalent and destructive type of cybercrime. The RTF’s founding members understand that ransomware is too large of a threat for any one entity to address, and have come together to provide clear recommendations for both public and private action that will significantly reduce the threat posed by this criminal enterprise.

BlackMamba Ransomware 2.0 discovered

S!ri discovered the BlackMamba 2.0 ransomware.

New cuteRansomware discovered

S!ri discovered a new ransomware called cuteRansomware.

December 22nd 2020

Magniber Ransomware Changed Vulnerability (CVE-2019-1367 -> CVE-2020-0968) and Attempted to Bypass Behavior Detection

Since September 23, 2019, CVE-2019-1367 vulnerability, which the developer of Magniber used for distribution, stopped operating in the systems with emergency security patch (Version 1903) applied. In response, the developer changed the latest vulnerability to CVE-2020-0968, expanding the infection target range. On top of this occurrence, CVE-2020-0968 security patch (distributed on April 15, 2020) cannot be applied to Windows 7 as it is no longer supported as of January 14, 2020. For better understanding of the changes, see figures below which are the comparisons between the codes before the change (including POC) and the those after the change.

Safe-Inet, Insorg VPN services shut down by law enforcement

Law enforcement agencies around the world in a coordinated effort took down and seized the infrastructure supporting Safe-Inet and Insorg VPN and proxy services known for catering to cybercriminal activity.

December 23rd 2020

New v316 ransomware

MalwareHunterTeam found a new v316 Jigsaw variant that pretends to be a ProtonVPN installer. 

Story of the week: Ransomware on the Darkweb | W4 Dec

S2W LAB publishes weekly reports of the Ransomware activities that took place at Dark Web. Report includes summary of victimized firms, Top 5 targeted countries and industrial sectors, status of dark web forum posts by ransomware operator, etc.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

December 24th 2020

FreePBX developer Sangoma hit with Conti ransomware attack

Sangoma disclosed a data breach after files were stolen during a recent Conti ransomware attack and published online.

New LOL Ransomware

xiaopao discovered the LOL ransomware that appends the .jcrypt extension to encrypted files.

New RansomeToad ransomware

xiaopao discovered a new ransomware called RansomeToad that appends the .rtcrypted extension.

New 21btc Dharma ransomware variant

xiaopao found a new Dharma ransomware variant that appends the .21btc extension to encrypted files.

New BlueEagle ransomware

xiaopao found a new ransomware called BlueEagle that appends the ..MaxSteel.Saher Blue Eagle extension.

December 25th 2020

New igal STOP Ransomware variant

Amigo-A found a new STOP ransomware variant that appends the .igal extension.

Unknown ransomware thinks it’s funny

MalwareHunterTeam found a new ransomware that appends the .HaHaHaHaHaHaHaHa extension to encrypted files.

New Mijnal Ransomware

Jirehlov Solace found a new ransomware that appends the .mijnal extension and drops a ransom note named OpenTheTorBrouser.html.

December 26th 2020

New PThree ransomware

Jirehlov Solace found a new ransomware named PThree that appends the .16x extension to encrypted files.

December 28th 2020

Home appliance giant Whirlpool hit in Nefilim ransomware attack

Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices.

New Lockedv1 ransomware

dnwls0719 found a new ransomware that appends the .lockedv1 extension and drops a ransom note named READMEV1.txt.

December 29th 2020

US Treasury warns of ransomware targeting COVID-19 vaccine research

The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations.

That’s it for this week! Hope everyone has a nice weekend!



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us