The Week in Ransomware – October 30th 2020 – Hospitals Under Siege

This week we have seen a concerted attack against the healthcare industry by hacking groups utilizing the Ryuk ransomware. Also, we saw some large well-known companies suffer ransomware attacks that impacted their business operations.

The biggest news this week is the U.S. government warning the healthcare industry that there is “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” As a result of these attacks, we have seen six hospitals targeted in attacks this week, including Wyckoff Hospital, University of Vermont Health Systems, Sky Lakes Medical Center, and St. Lawrence Health System.

We also learned of ransomware attacks against well-known companies, such as furniture manufacturer SteelCase, French IT consulting firm Sopra Steria, and the Italian power company Enel Group.

Finally, an REvil representative known as UNKN stated that they earned $100 million in a year, and the infamous Maze gang has started to shut down its ransomware operation.

Now that the weekend is upon us, it is important for all companies to monitor for suspicious activity on their networks and Windows domain controllers, and proactively respond if anything is detected.

Contributors and those who provided new ransomware information and stories this week include: @PolarToffee, @VK_Intel, @struppigel, @BleepinComputer, @malwrhunterteam, @malwareforme, @demonslay335, @jorntvdw, @Seifreed, @FourOctets, @serghei, @LawrenceAbrams, @Ionut_Ilascu, @DanielGallagher, @fwosar, @MarceloRivero, @Malwarebytes, @Amigo_A_, @GrujaRS, @0x4143, @fbgwls245, @siri_urz, @Mandiant, and @IntelAdvanced.

October 24th 2020

New Russian Ransomware

dnwls0719 found a new ransomware targeting Russia that appends the .pizhon-(Random) extension to encrypted files.

October 25th 2020

State and Local Cybersecurity: Defending Our Communities from Cyber Threats Amid COVID-19

In late September, Coveware’s CEO, Bill Siegel, was invited to testify before the Federal Spending Oversight Subcommittee of the Committee on Homeland Security and Governmental Affairs. The topic: Defending Our State & Local Communities from Cyber Threats Amid COVID-19. The committee hearing was postponed after the passing of Ruth Bader Ginsburg, and while we look forward to the hearing being rescheduled, we figured we would publish our submitted testimony anyway. The testimony explains the market dynamics of ransomware, and our thoughts on how to most efficiently and effectively protect our state & local communities from cyber threats.

October 26th 2020

Sopra Steria confirms being hit by Ryuk ransomware attack

French enterprise IT services company Sopra Steria confirmed today that they were hit with a Ryuk ransomware attack on October 20th, 2020.

New STOP Djvu ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .iiss extension to encrypted files.

New Xorist ransomware variant

Michael Gillespie found a new Xorist ransomware variant that appends the .ZaLtOn extension to encrypted files.

Minerals Technologies Inc. discloses a ransomware attack in SEC filings

Minerals Technologies Inc. (the “Company”) today announced that on October 22, 2020, it detected a ransomware attack impacting certain of its information technology systems. Immediately upon its detection of the security incident, which prevented access to certain systems and data within the Company’s network, the Company implemented its cyber security emergency response plan. As part of that plan, the Company took steps to restore its network and resume normal operations as quickly as possible. The Company launched an investigation working with industry-leading cybersecurity firms, engaged legal counsel, notified law enforcement and is in the process of notifying appropriate governmental authorities.

New TheDMR ransomware variant

Amigo-A found a new variant of TheDMR Ransomware that calls itself ‘Alvin Ransomware’ and appends the .ALVIN extension and drops a ransom note named HOW TO RECOVER ENCRYPTED FILES.txt.

New Ransomware32 ransomware

Karsten Hahn found ransomware written in Rust called Ransomware32 that appends the ._encrypted extension and drops a ransom note named README_encrypted.txt.

October 27th 2020

Enel Group hit by ransomware again, Netwalker demands $14 million

The networks of giant energy company Enel have been hit by a ransomware attack for the second time this year. This time, it’s Netwalker asking for a $14 million ransom for the decryption key.

Steelcase furniture giant hit by Ryuk ransomware attack

Office furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack’s spread.

New Mars ransomware

Michael Gillespie found a new ransomware that appends the .mars extension to encrypted files and drops a ransom note named !!!MARS_DECRYPT.TXT.

New Ransomware COVID

MalwareHunterTeam found ‘Ransomware COVID’ that appends the .crypt extension to encrypted files.

New SnapDragon ransomware

0x4143 found a new ransomware called SnapDragon that appends the .SNPDRGN extension to encrypted files.

New Wanna Scream variant

0x4143 found a new Wanna Scream variant that appends the .H@RM@ extension and drops ransom notes named info.hta and ReadMe.txt.

October 28th 2020

Fake COVID-19 survey hides ransomware in Canadian university attack

In recent weeks, we’ve observed a number of phishing attacks against universities worldwide which we attributed to the Silent Librarian APT group. On October 19, we identified a new phishing document targeting staff at the University of British Columbia (UBC) with a fake COVID-19 survey.

New Ragnar Locker ransomware variant

GrujaRS found a new Ragnar Locker ransomware variant that appends the .__r4gN4r__XXXXXXX extension and drops a ransom note named !!!_READ_ME_XXXXXXX_!!!.txt.

New RegretLocker ransomware

MalwareHunterTeam found the RegretLocker ransomware that appends the .mouse extension and drops a ransom note named HOW TO RESTORE FILES.TXT.

October 29th 2020

Maze ransomware is shutting down its cybercrime operation

The Maze cybercrime gang is shutting down its operations after rising to become one of the most prominent players performing ransomware attacks.

REvil ransomware gang claims over $100 million profit in a year

REvil ransomware developers say that they made more than $100 million in one year of extorting large businesses across the world from various sectors.

Hacking group is targeting US hospitals with Ryuk ransomware

In a joint statement, the U.S. government is warning the healthcare industry that a hacking group is actively targeting hospitals and healthcare providers in Ryuk ransomware attacks.

Brooklyn & Vermont hospitals are latest Ryuk ransomware victims

Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network are the latest victims of the Ryuk ransomware attack spree covering the healthcare industry across the U.S.

Georgia county voter information leaked by ransomware gang

The DoppelPaymer ransomware gang has released unencrypted data stolen from Hall County, Georgia, during a cyberattack earlier this month.

New MyRansom ransomware

GrujaRS found a new ransomware called MyRansom that does not append an extension but drops a ransom note named README.TXT.

New Bondy ransomware

Siri found the Bondy Ransomware that appends the .bondy extension and drops a ransom note named HELP_DECRYPT_YOUR_FILES.txt.

New STOP ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .jdyi extension to encrypted files.

New Wanna Scream variant

Michael Gillespie found a new Wanna Scream variant that appends the .Bang extension to encrypted files.

New CCE ransomware variant

Siri found a variant of the CCE ransomware that appends the .aieou extension to encrypted files.

New RansomKart ransomware

0x4143 found a new in-development ransomware called Ransomkart that appends the .ransomkart extension.

New Hentai OniChan Version King Engine ransomware

Siri found a new ransomware that calls itself ‘Hentai OniChan Version King Engine’ and appends the .docm extension to encrypted files.

October 30th 2020

New Bondy variant

Siri found another Bondy Ransomware variant that appends the .Connect extension.

UHS restores hospital systems after Ryuk ransomware attack

Universal Health Services (UHS), a Fortune 500 hospital and healthcare services provider, says that it has managed to restore systems after a September Ryuk ransomware attack.

That’s it for this week! Hope everyone has a nice weekend!
