fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

UK Govt Warns Thousands of SMBs Their Online Stores Were Hacked

UK Govt Warns Thousands of SMBs Their Online Stores Were Hacked

The UK’s National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal customers’ payment info.

In Magecart attacks (also known as web skimming, digital skimming, or e-Skimming), threat actors inject scripts known as credit card skimmers (aka payment card skimmers or web skimmers) into compromised online stores to harvest and steal the payment and/or personal info submitted by customers at the checkout page.

The attackers will later use this data for various financial and identity theft fraud schemes or sell it to the highest bidder on hacking or carding forums.

Also Read: Limiting Location Data Exposure: 8 Best Practices

Victims urged to keep their software up-to-date

“The National Cyber Security Centre – a part of GCHQ – proactively identified 4,151 compromised online shops up to the end of September and alerted retailers to these security vulnerabilities,” the UK cybersecurity agency said.

“The majority of the online shops used for skimming identified by the NCSC had been compromised via a known vulnerability in Magento, a popular e-commerce platform.”

NCSC monitored these shops since April 2020 and issued warnings to site owners and small and medium-sized enterprises (SMEs) after discovering the compromised e-commerce sites via its Active Cyber Defence program.

Impacted online retailers were urged to keep Magento — and any other software they use — up-to-date to block attackers’ attempts to breach their servers and compromise their online shops and customers’ information during Black Friday and Cyber Monday.

“We want small and medium-sized online retailers to know how to prevent their sites being exploited by opportunistic cyber criminals over the peak shopping period,” said Sarah Lyons, NCSC Deputy Director for Economy and Society.

“It’s important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up to date.”

Also Read: 10 Practical Benefits of Managed IT Services

Guidance for shoppers also available

The agency also provides guidance for individuals and families who want to shop online securely, advising them to only shop on trusted online stores, use credit cards for online payments, and always watch out for suspicious emails and text messages with offers that seem too good to be true.

The US Cybersecurity and Infrastructure Security Agency (CISA) also provides security tips on how to stay safe online while shopping.

FBI’s Internet Crime Complaint Center (IC3) tips can also help avoid being victimized while shopping online. The FBI’s advisory includes actionable advice on what to do if you fall prey to an online shopping scam or Magecart attack.

“On Black Friday and Cyber Monday the hackers will be out to steal shoppers’ cash and damage the reputations of businesses by making their websites into cyber traps,” said Steve Barclay, Chancellor of the Duchy of Lancaster.

“It’s critical, with more and more trade moving online, to protect your business and your customers by following the guidance provided by the National Cyber Security Centre and British Retail Consortium.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us