
Privacy Ninja

CISA: Hackers Breached US Govt Using More Than SolarWinds Backdoor


The US Cybersecurity and Infrastructure Security Agency (CISA) said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector.

“CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated. CISA will update this Alert as new information becomes available,” the agency said.

“Not all organizations that have the backdoor delivered through SolarWinds Orion have been targeted by the adversary with follow-on actions.”

Hard to remove from compromised networks

The APT group, suspected to be the Russian state-sponsored APT29 (aka Cozy Bear and The Dukes), was present on the networks of compromised organizations for long periods of time, according to CISA.


Additionally, the agency said that it is very likely that the threat actor behind this coordinated hacking campaign made use of other tactics, techniques, and procedures (TTPs) that have not yet been discovered as part of ongoing investigations.

The agency is also currently investigating incidents where it found TTPs consistent with this ongoing malicious activity, “including some where victims either do not leverage SolarWinds Orion or where SolarWinds Orion was present but where there was no SolarWinds exploitation activity observed.”

“CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” the US risk advisor added.

“This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.”

Additional technical details including info on initial infection vectors, tactics, techniques, and procedures (TTPs) used in this campaign, mitigation measures, and indicators of compromise are available in CISA’s AA20-352A alert.

US govt hacks officially confirmed

The compromise of multiple US federal networks after the SolarWinds breach was officially confirmed today for the first time in a joint statement issued by the FBI, CISA, and the ODNI.

“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the US intelligence agencies said.

Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds backdoor to force the malware to delete itself from compromised networks.


The backdoor, tracked as Solarigate by Microsoft and Sunburst by FireEye, was distributed via SolarWinds’ auto-update mechanism onto the systems of approximately 18,000 customers.

The list of US government targets compromised so far in this campaign includes the US Treasury, the US Department of State, US NTIA, US NIH, DHS-CISA, and the US Department of Homeland Security.
