Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft: Ukraine Hit with FoxBlade Malware Hours Before Invasion

Microsoft: Ukraine Hit with FoxBlade Malware Hours Before Invasion

Microsoft said that Ukrainian networks were targeted with recently found malware several hours before Russia’s invasion of Ukraine on February 24th.

Researchers with the Microsoft Threat Intelligence Center (MSTIC) observed destructive attacks targeting Ukraine and spotted a malware strain they named FoxBlade (VirusTotal scan available here).

This malware was previously spotted by cybersecurity firms Symantec and ESET one day before the invasion started and dubbed HermeticWiper by SentinelOne principal threat researcher Juan Andres Guerrero-Saade.

Also Read: PDPA compliance and progressive HR practices: Why this tandem makes sense

“Several hours before the launch of missiles or movement of tanks on February 24, Microsoft’s Threat Intelligence Center (MSTIC) detected a new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure,” Microsoft President and Vice-Chair Brad Smith said.

“We immediately advised the Ukrainian government about the situation, including our identification of the use of a new malware package (which we denominated FoxBlade), and provided technical advice on steps to prevent the malware’s success.”

Smith said the company updated its Defender security platform with new signatures to block the malware within three hours of discovering the malicious payload deployed in the wild.

These recently spotted and still active cyberattacks “have been precisely targeted,” Smith also revealed.

This contrasts to the indiscriminate malware assaults that impacted Ukraine’s and other countries’ economies during the 2017 NotPetya worldwide attack linked to a Russian GRU Main Intelligence Directorate hacking group known as Sandworm.

Also Read: Changes to the access and correction obligations you should know

Ukrainian networks attacked with destructive malware

The offensive cyberattacks detected by MSTIC researchers right before the Russian invasion followed several other series of malware attacks since the start of 2021.

Earlier this month, newly discovered HermeticWiper malware was used to target Ukraine together with ransomware decoys to wipe data and render devices unbootable.

In January, the country was struck by another series of malware attacks deploying the WhisperGate wiper disguised as a ransomware payload.

Over the weekend, CISA and the FBI warned US organizations that the data wiping attacks against Ukraine could spill over to other countries, urging US orgs to “increase vigilance” and reinforce their defenses.

The same day, Ukraine’s Vice Prime Minister Mykhailo Fedorov also revealed the creation of an “IT army” to help the country “fight on the cyber front.”

Right before the war started, the Ukrainian Security Service (SSU) reported that Ukraine was being targeted by a “massive wave of hybrid warfare.”

Update: Added HermeticWiper info and updated title.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us