The Week in Ransomware – November 12th 2021 – Targeting REvil

This week, law enforcement struck a massive blow against the REvil ransomware operation, with multiple arrests announced and the seizure of cryptocurrency.

On Monday, the US Department of Justice, Europol, and Interpol announced arrests of REvil affiliates and members in Kuwait and Romania. The FBI also announced the arrest of the REvil affiliate behind the July Kaseya attack that encrypted over 1,500 organizations.

In addition, the US announced that $6 million in ransom payments was seized from the REvil ransomware operation.

After REvil shut down in October, it was expected that the group would rebrand as a new operation shortly. However, with the recent news of the arrests and of the FBI hijacking their server, it is possible that they may call it quits, as other cybercriminals will likely not want to work with them again.

This week, the other big news is a massive attack on the European electronics retailer MediaMarkt by the Hive Ransomware operation.

Other news this week is the Clop gang using the Serv-U vulnerability to breach networks and a new US bill laying out ransomware response steps for financial organizations.

Contributors and those who provided new ransomware information and stories this week include: @serghei, @FourOctets, @BleepinComputer, @struppigel, @billtoulas, @fwosar, @malwrhunterteam, @jorntvdw, @Ionut_Ilascu, @LawrenceAbrams, @Seifreed, @VK_Intel, @malwareforme, @demonslay335, @DanielGallagher, @PolarToffee, @douglasmun, @John_Fokker, @tsrc_team, @cybereason, @NCCGroupInfosec, @kpoulsen, @bobmcmillan, @pcrisk, and @Amigo_A_.

November 7th 2021

Operation Cyclone deals blow to Clop ransomware operation

A thirty-month international law enforcement operation codenamed ‘Operation Cyclone’ targeted the Clop ransomware gang, leading to the previously reported arrests of six members in Ukraine.

November 8th 2021

Electronics retail giant MediaMarkt hit by ransomware attack

Electronics retail giant MediaMarkt has suffered a ransomware attack causing IT systems to shut down and store operations to be disrupted in the Netherlands and Germany.

REvil ransomware affiliates arrested in Romania and Kuwait

Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates on November 4, both of them allegedly responsible for infecting thousands of victims.

US seizes $6 million from REvil ransomware, arrest Kaseya hacker

The United States Department of Justice today announced charges against a REvil ransomware affiliate responsible for the attack against the Kaseya MSP platform on July 2nd, and the seizure of more than $6 million from another REvil partner.

US sanctions Chatex cryptoexchange used by ransomware gangs

The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions.

U.S. offers $10 million reward for leaders of REvil ransomware

The U.S. is offering up to $10 million for identifying or locating leaders in the REvil (Sodinokibi) ransomware operation, including $5 million for information leading to the arrest of affiliates.

November 9th 2021

Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks

The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt their devices.

November 10th 2021

TrickBot teams up with Shatak phishers for Conti ransomware attacks

A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems.

New STOP Ransomware variant

PCrisk found a new STOP ransomware variant that appends the .qdla extension.

November 11th 2021

Magniber ransomware gang now exploits Internet Explorer flaws in attacks

The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices.

New bill sets ransomware attack response rules for US financial orgs

New legislation introduced this week by US lawmakers aims to set ransomware attack response “rules of road” for US financial institutions.

New BlackCocaine Ransomware

Amigo-A found a new ransomware that appends the .BlackCocaine extension and drops the HOW_TO_RECOVER_FILES.BlackCocaine.txt ransom note.

November 12th 2021

U.S. Accuses Russian of Money Laundering for Ryuk Ransomware Gang

A Moscow entrepreneur was detained during a vacation abroad this month and is now facing extradition to the U.S. on charges that he helped a notorious Russian ransomware group launder payments.

New STOP Ransomware variant

PCrisk found a new STOP ransomware variant that appends the .qmak extension.

That’s it for this week! Hope everyone has a nice weekend!
