VMware Latest To Confirm Breach In SolarWinds Hacking Campaign

VMware is the latest company to confirm that it had its systems breached in the recent SolarWinds attacks but denied further exploitation attempts.

The company said that the hackers made no effort to further exploit their access after deploying the backdoor now tracked as Sunburst or Solarigate.

“[W]hile we have identified limited instances of the vulnerable SolarWinds Orion software in our own internal environment, our own internal investigation has not revealed any indication of exploitation,” the company said in a statement.

“This has also been confirmed by SolarWinds own investigations to date,” VMware added.

VMware zero-day exploit not used in recent high-profile hacks

VMware also disputed media reports that a zero-day vulnerability in multiple VMware products reported by the NSA was used as an additional attack vector besides the SolarWinds Orion platform to compromise high-profile targets.

The vulnerability, tracked as CVE-2020-4006, was publicly disclosed in November and addressed in early December.

The National Security Agency (NSA) issued an advisory three days later, after the security flaw was addressed, saying that Russian nation-state hackers have been exploiting the vulnerability to gain access to protected data on impacted systems.

The reports were prompted by an alert from the US Cybersecurity and Infrastructure Security Agency (CISA) saying that the APT group behind the ongoing compromise campaign targeting US government agencies used more than one initial access vector.

“CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated,” the agency said.

“Not all organizations that have the backdoor delivered through SolarWinds Orion have been targeted by the adversary with follow-on actions.”

However, VMware denied that CVE-2020-4006 exploits were used as an additional method to breach government agencies in the recent surge of attacks.

“To date, VMware has received no notification that the CVE-2020-4006 was used in conjunction with the SolarWinds supply chain compromise,” the company said.

Customers urged to patch systems

While CVE-2020-4006 has not been abused in any of the breaches associated with the SolarWinds supply chain attack, VMware says that all customers should apply the security updates for affected products.

“VMware encourages all customers to apply the latest product updates, security patches and mitigations made available for their specific environment,” the company said.

“VMware strongly encourages all customers to please visit VMSA-2020-0027 as the centralized source of information for CVE 2020-4006.”

FireEye is currently tracking the threat actor behind the SolarWinds supply chain attack as UNC2452, while Volexity has linked the activity to a threat actor tracked as Dark Halo.

Dark Halo operators have been behind multiple malicious campaigns between late 2019 and July 2020 according to Volexity, targeting and successfully breaching the same US-based think tank three times in a row.

Unconfirmed media reports also cited sources connecting these recent attacks to APT29 (aka Cozy Bear), a nation-state hacking group linked to the Russian Foreign Intelligence Service (SVR).

However, cybersecurity companies and researchers, including FireEye, Microsoft, and Volexity, have not yet attributed these attacks to APT29.
