
The Week In Ransomware – July 24th 2020 – Navigation Failure


This week has been quite busy, with a new enterprise-targeting ransomware called Exorcist and attacks against large companies.

The biggest news this week is the attack on Garmin, which has suffered a worldwide outage since July 23rd. Today, BleepingComputer has been able to confirm that Garmin suffered a WastedLocker Ransomware attack.

There was also interesting analysis released this week on the Lazarus APT group, Maze, and WastedLocker from various security firms. 

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @BleepinComputer, @FourOctets, @malwareforme, @demonslay335, @struppigel, @serghei, @malwrhunterteam, @DanielGallagher, @LawrenceAbrams, @fwosar, @PolarToffee, @VK_Intel, @Seifreed, @Ionut_Ilascu, @LabsSentinel, @campuscodi, @Arete_Advisors, @3xp0rtblog, @JAMESWT_MHT, @Amigo_A_, @MarceloRivero, @kaspersky, and @leotpsc.

July 18th 2020

Sodinokibi\REvil Ransomware attacks against the Education Sector

Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements. The industry has seen two big changes with Sodinokibi/REvil, from their shift to exfiltrating data as of January 2020 and, more recently, with their move to only accepting payments in Monero cryptocurrency (XMR).

July 20th 2020

Lorien Health Services discloses ransomware attack affecting nearly 50,000

Lorien Health Services in Maryland announced that it was the victim of a ransomware incident in early June. Data was stolen and then encrypted during the incident.

Ransomware gang demands $7.5 million from Argentinian ISP

A ransomware gang has infected the internal network of Telecom Argentina, one of the country’s largest internet service providers, and is now asking for a $7.5 million ransom to unlock encrypted files.

New ransomware/wiper discovered

Michael Gillespie found a new ransomware/wiper that appends the .mechu4Po and .Ieph0uxo extensions or drops a ransom note named !!!ПРОЧИТАТЬ!!!.txt / README.txt.

ID Ransomware can now detect 900 ransomware families

Michael Gillespie announced that ID Ransomware can now detect 900 ransomware families.

New Matrix Ransomware variant

Michael Gillespie found a new Matrix ransomware variant that appends the .RE78P extension and drops the RE78P_README.rtf ransom note.

July 21st 2020

New Exorcist Ransomware

MalwareHunterTeam found a new ransomware called Exorcist that is targeting enterprise networks and is promoted on hacker forums.

Brief analysis of Exorcist posted

Vitali Kremez posted a brief analysis of the Exorcist ransomware and how it avoids CIS countries.

July 22nd 2020

Lazarus hackers deploy ransomware, steal data using MATA malware

A recently discovered malware framework known as MATA and linked to the North Korean-backed hacking group known as Lazarus was used in attacks targeting corporate entities from multiple countries since April 2018 for ransomware deployment and data theft.

Enter the Maze: Demystifying an Affiliate Involved in Maze (SNOW)

Affiliate involved in Maze ransomware operations profiled from the actor perspective while also detailing their involvement in other groups.

New in-dev Davinci ransomware

Leo found a new in-development ransomware that calls itself Davinci and only encrypts files on the desktop. Amigo-A states that this is a variant of the CobraLocker ransomware family.


July 23rd 2020

Garmin outage caused by confirmed WastedLocker ransomware attack

Wearable device maker Garmin shut down some of its connected services and call centers on Thursday following what the company called a worldwide outage, now confirmed to be caused by a WastedLocker ransomware attack.

UK govt warns of ransomware, BEC attacks against sports sector

The UK National Cyber Security Centre (NCSC) today highlighted the increasing risks posed by ransomware attacks, phishing campaigns, and Business Email Compromise (BEC) fraud schemes targeting sports organizations and teams, including Premier League football clubs.

New Bootlocker gives link to RickRoll

JAMESWT found a new bootlocker that shows a link to a RickRoll YouTube Video.

July 24th 2020

WastedLocker Ransomware Insights

Arete Threat Intelligence continues to work with law enforcement contacts to conduct analysis into WastedLocker. The cyber criminals behind this variant have been quick to identify and infect victims’ systems with ransomware, resulting in a devastating blow to the victims’ IT infrastructure and interrupting profitable business operations.

New ERIF STOP Ransomware variant

Michael Gillespie found a new STOP Ransomware variant that appends the .erif extension to encrypted files.

New Silvertor ransomware

Karsten Hahn found a new ransomware that threatens to “fry” files and appends the .silvertor extension to encrypted files.

New FlyingShip Ransomware

Karsten Hahn found a new CryptoWire variant called FlyingShip.

That’s it for this week! Hope everyone has a nice weekend!
