fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Emotet Malware Hits Lithuania’s National Public Health Center

Emotet Malware Hits Lithuania’s National Public Health Center

The internal networks of Lithuania’s National Center for Public Health (NVSC) and several municipalities have been infected with Emotet malware following a large campaign targeting the country’s state institutions.

“When infected recipients opened infected messages, the virus entered the internal networks of the institutions,” NVSC officials said in a statement published today.

“Infected computers, after downloading additional files, began sending fake emails or engaging in other types of malicious activity.”

Lithuanian government officials, ministry representatives, and epidemiological diagnostics experts that have previously been contacted by NVSC specialists via email have all received Emotet-infected emails from infected systems.

The NVSC e-mail systems have been temporarily shut down on Tuesday to stop the further spread of the virus.

NVSC information technology specialists, together with experts from the Central State Telecommunications Center and the National Cyber ​​Security Center currently working on cleaning affected systems of the Emotet infection, as well as on recovering NVSC e-mails and restoring email access.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

Emails sent as replies to previous conversations

Rytis Rainys, Director of the Lithuanian National Cyber ​​Security Center (NKSC), warned that the Emotet emails sent as replies to previous conversations distributed malicious code using password-protected archives as attachments, with the password shared in the email body.

This prevented anti-malware solutions from detecting the malicious emails which made it possible for the targeted individuals to open the attachment and infect themselves.

Stealing reply-chain emails is a known Emotet tactic used to camouflage malicious emails as parts of existing conversations for higher credibility and better infection rates in future spam campaigns.

The tactic is also being used by the Qbot trojan, and it was previously by the Gozi ISFB banking trojan and the URSNIF information-stealing trojan.

This is the second large Emotet campaign that has targeted Lithuania this year, with a previous one detected by the NKSC in October.

The NKSC published an advisory at the time recommending potential targets (including but not limited to state institutions and companies) to enable and properly configure Sender Policy Framework (SPF) email authentication.

Emotet is back in business

After a break of a month and a half, the Emotet botnet was revived on December 21st [12], and Microsoft spotted an ongoing campaign delivering “a wide range of lures in massive volumes of emails, the use of fake replies or forwarded emails, password-protected archive attachments.”

“The new Emotet campaign still uses documents that contain malicious macro that, when enabled, connects to seven malicious domains to download the Emotet payload,” Microsoft Security Intelligence tweeted.

Emotet was first spotted in 2014 as a banking Trojan and has now evolved into a botnet used by the TA542 threat group (aka Mummy Spider) to deploy second-stage malware payloads on infected systems.

The payloads Emotet drops on compromised computers include the QakBot and Trickbot (which also deploys both Ryuk and Conti ransomware) trojans.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

Before going on a break, Emotet has targeted multiple US state and local governments in potentially targeted campaigns according to an advisory published by DHS-CISA in October.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us