fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week In Ransomware – November 27th 2020 – Attacks Continue

The Week In Ransomware – November 27th 2020 – Attacks Continue

With the USA holidays, this has been a relatively slow week in new research being released. We did, though, see some organizations get attacked or report historical attacks.

Last weekend, South Korean retail giant E-Land suffered a ransomware attack that forced them to close 23 retail stores while they recovered.

There were also attacks reported against RtizauUS FertilityRand McNally, and the Banijay Group SAS.

Finally, Sopra Steria announced that they expect a  €50 million loss after their Ryuk ransomware attack in October.

Contributors and those who provided new ransomware information and stories this week include: @demonslay335@struppigel@VK_Intel@fwosar@malwrhunterteam@jorntvdw@serghei@Ionut_Ilascu@FourOctets@PolarToffee@Seifreed@DanielGallagher@BleepinComputer@LawrenceAbrams@malwareforme@TheDFIRReport@LabsSentinel@Emm_ADC_Soft, and @GrujaRS.

November 21st 2020

Ranzy Ransomware | Better Encryption Among New Features of ThunderX Derivative

Ranzy ransomware emerged in September/October this year, and appears to be an evolution of ThunderX and, to a lesser extent, Ako ransomware. Ranzy shares many features and under-the-hood elements with its predecessors. However there have been a few key updates, including tweaks to encryption, methods of exfiltration, and the (now commonplace) use of a public “leak blog” to post victim data for those who do not comply with the ransom demand.

Also Read: What Legislation Exists in Singapore Regarding Data Protection and Security?

November 23rd 2020

Ransomware forces E-Land South Korean retail giant to close stores

South Korean conglomerate and retail giant E-Land has suffered a ransomware attack causing 23 of its retail stores to suspend operations while they deal with the attack.

New STOP Ransomware variant

Michael Gillespie found a new STOP Djvu Ransomware variant the appends the .lisp extension to encrypted files.

PYSA/Mespinoza Ransomware

Over the course of 8 hours the PYSA/Mespinoza threat actors used Empire and Koadic as well as RDP to move laterally throughout the environment, grabbing credentials from as many systems as possible on the way to their objective. The threat actors took their time, looking for files and reviewing the backup server before executing ransomware on all systems. Hours after being ransomed, our files were opened from multiple Tor exit nodes, which confirms our suspicion that files had been exfiltrated.

New LolKek ransomware variant

Emmanuel_ADC-Soft found a new LolKek ransomware variant that appends the .xls extension to encrypted files.

November 25th 2020

Sopra Steria expects €50 million loss after Ryuk ransomware attack

French IT services giant Sopra Steria said today in an official statement that the October Ryuk ransomware attack will lead to a loss of between €40 million and €50 million.

Danish news agency Ritzau refuses to pay after ransomware attack

Ritzau, the largest independent news agency in Denmark founded in 1866 by Erik Ritzau, said in a statement that it will not pay the ransom demanded by a ransomware gang that hit its network on Tuesday morning.

Baltimore County Public Schools hit by ransomware attack

Baltimore County Public Schools has been hit today by a ransomware attack that led to a systemic shutdown of its network due to the number of systems impacted in the attack.

Egregor RaaS Continues the Chaos with Cobalt Strike and Rclone

Egregor ransomware is an offshoot of the Sekhmet malware family that has been active since mid-September 2020. The ransomware operates by compromising organizations, stealing sensitive user data, encrypting said data, and demanding a ransom to exchange encrypted documents. Egregor is ransomware associated with the cyberattacks against GEFCO and Barnes & Noble, Ubisoft, and numerous others.

Belden networking giant’s company data stolen in cyberattack

Network device manufacturer Belden was hit with a cyberattack that allowed threat actors to steal files containing information about employees and business partners.

New Vash Sorena variant

GrujaRS found a new Vash Sorena variant that appends the .encrypt extension.

November 26th 2020

Ransomware hits largest US fertility network, patient data stolen

US Fertility, the largest network of fertility centers in the U.S., says that some of its systems were encrypted in a ransomware attack that affected the company two months ago, in September 2020.

Truck routing provider Rand McNally hit by cyberattack

Chicago-based transportation technology firm Rand McNally is working on restoring network functionality following a cyberattack that hit its systems earlier this week.

Canon publicly confirms August ransomware attack, data theft

Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers.

Also Read: Letter of Consent MOM: Getting the Details Right

November 27th 2020

MasterChef, Big Brother producer hit by DoppelPaymer ransomware

French multinational production and distribution firm Banijay Group SAS was hit earlier this month by a DoppelPaymer ransomware attack and had sensitive information stolen by the ransomware operators during the incident.

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us