fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Police Arrest Two In Data Theft Cyberattack On Leonardo Defense Corp

Police Arrest Two In Data Theft Cyberattack On Leonardo Defense Corp

Italian police have arrested two people allegedly for using malware to steal 10 GB of confidental data and military secrets from defense company Leonardo S.p.A.

Leonardo is one of the world’s largest defense contractors, with 30% of the company owned by the Italian Ministry of Economy and Finance. As a multi-national company, they are headquartered in Italy but have a large presence in the United Kingdom and the United States.

According to Italian media, police arrested one person for allegedly using USB keys to infect 94 workstations with a trojan named ‘cftmon.exe.’ This trojan was likely named after the legitimate Windows file located at C:\Windows\system32\ctfmon.exe to evade detection.

The malware is said to have been used for two years, between 2015 and 2017, to steal data and send it back to a command and control server at ‘fujinama.altervista.org.’

This C2 server has since been seized by the Polizia di Stato who has placed a seizure message on the website, as shown below.

Polizia di Stato website seizure
Polizia di Stato website seizure

The exfiltrated data included confidential accounting information, military secrets, and aircraft designs.

Also Read: Limiting Location Data Exposure: 8 Best Practices

“Overall, data for 10 gigabytes, that is about 100,000 files , concerning administrative-accounting management, the use of human resources, the procurement and distribution of capital goods, as well as the  design of civil aircraft components and military aircraft for the Italian and international market were exfiltrated . Also capture credentials for accessing personal information of Leonardo spa employees,”, Agi.it reports.

The head of Leonardo’s cyber-emergency team was also placed under house arrest for allegedly misrepresenting the scope of the attack and hindering the investigation.

The prosecutors state that Leonardo’s security systems did not detect the malware as it was designed by the employee and not previously seen by antivirus programs.

In response to this news, Leonardo issued a statement that they initiated the investigation after filing an official complaint with the courts.

“With regards to the current measures adopted by the Naples judiciary, Leonardo announces that the investigation comes from a complaint by the Company’s security that has been followed by others. The measures concern a former collaborator who is not an employee of Leonardo, and a non-executive employee of the Company.”

“The Company, which is obviously the injured party in this affair, has provided maximum cooperation since the beginning and will continue to do so to enable the investigators to clarify the incident, and for its own protection. Finally, it should be noted that classified or strategic data is processed in segregated areas, without connectivity, and not within the Pomigliano plant,” Leonardo said in a statement.

Also Read: 10 Practical Benefits of Managed IT Services

Update 12/5/2020: Updated article to contain the correct C2 server. Thanks James for the correction.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us