fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing

        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing

        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing

        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing

        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training

        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing

        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review

        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention

        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise

        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle

        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

I'VE BEEN BREACHED

The Week in Ransomware – December 3rd 2021 – Seizing Bitcoin

The Week in Ransomware – December 3rd 2021 – Seizing Bitcoin

For this week’s ‘Week in Ransomware’ article we have included the latest ransomware news over the past two weeks.

The biggest news over the past two weeks is the unsealing of a United States’ Complaint for Forfeiture detailing how the FBI seized 39.89138522 bitcoins from an Exodus wallet belonging to an REvil affiliate. Based on the email listed in the court document, it is believed that the affiliate is one known as ‘Lalartu.’

We also learned that the BlackByte ransomware gang exploits the Microsoft Exchange ProxyShell vulnerabilities to gain initial access to internal networks. Therefore, make sure to update your servers.

The FBI also disclosed that Cuba ransomware has attacked 49 US critical infrastructure orgs and received at least US $43.9 million in ransom payments.

Finally, some of the attacks we learned about over the past two weeks include Planned Parenthood Los AngelesSwire Pacific Offshore, and Correos Express.

Contributors and those who provided new ransomware information and stories this week include: @fwosar@DanielGallagher@BleepinComputer@PolarToffee@malwrhunterteam@Ionut_Ilascu@jorntvdw@Seifreed@FourOctets@billtoulas@struppigel@demonslay335@serghei@VK_Intel@malwareforme@LawrenceAbrams@redcanary@John_Fokker@Mandiant@siri_urz@teachemtechy@fbgwls245@pcrisk@Kangxiaopao@Amigo_A, and @ValeryMarchive.

Also Read: The 12 Important Details for Employment Contract Template

November 22nd 2021

Wind turbine giant Vestas’ data compromised in cyberattack

Vestas Wind Systems, a leader in wind turbine manufacturing, has shut down its IT systems after suffering a cyberattack.

US govt warns of increased ransomware risks during holidays

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season.

New Dharma Ransomware variant

PCrisk found a new Dharma ransomware variant that appends the .NEEH extension.

November 24th 2021

New Thanos variant

dnwls0719 found a new Thanos variant that appends the .xot5ik extension.

November 25th 2021

New STOP Ransomware variant

PCrisk found a new STOP ransomware variant that appends the .robm extension.

Also Read: Is it Illegal to Email Someone Without Their Permission?

New AV Ghost ransomware

xiaopao found a new Av Ghost ransomware that appends the AvGhost extension and drops a ransom note named AvGhost.txt.

AV Ghost ransomware

November 26th 2021

Marine services provider Swire Pacific Offshore hit by ransomware

Marine services giant Swire Pacific Offshore (SPO) has suffered a Clop ransomware attack that allowed threat actors to steal company data.

New Rook Ransomware

Zack Allen found a new ransomware called ‘Rook’ that is based on Babuk and appends the .rook extension to encrypted files.

Rook ransomware

New STOP Ransomware variant

PCrisk found a new STOP ransomware variant that appends the .rigj extension.

November 29th 2021

New Phobos Ransomware variant

PCrisk found a new Phobos ransomware variant that appends the .XIIIextension.

November 30th 2021

Yanluowang ransomware operation matures with experienced affiliates

An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage.

FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangs

The FBI seized $2.3 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer.

New Blue Locker Ransomware

Siri found a new Blue Locker that appends the .blue extension to encrypted files.

Blue Locker

December 1st 2021

Microsoft Exchange servers hacked to deploy BlackByte ransomware

The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities.

Planned Parenthood LA discloses data breach after ransomware attack

Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients.

Ransomware: the Spanish Correos Express appears to be confronted with Hive

The Spanish specialist in express parcel delivery Correos Express seems to be having difficulties in providing its services. A sample of Hive ransomware suggests a cyberattack that occurred around November 27.

New STOP Ransomware variant

PCrisk found a new STOP ransomware variant that appends the .moiaextension.

December 2nd 2021

New Hello Ransomware

Siri found a new ransomware calling itself ‘Hello’ that uses an interesting ransom note and appends the .hello extension.

Hello ransomware

December 3rd 2021

FBI: Cuba ransomware breached 49 US critical infrastructure orgs

The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors.

DailyMail.com tracked suspected Yeveniy Polyanin

DailyMail allegedly tracked down Yeveniy Polyanin, a member of the REvil ransomware group.

New Makop variant

dnwls0719 found a new Makop ransomware variant that appends the .mkp extension.

New STOP Ransomware variant

PCrisk found a new STOP ransomware variant that appends the .yqalextension.

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

Let us help you out.

Grab your free consultation NOW!

Privacy Ninja

Data Protection​

Cybersecurity

Support

Company

Locations

Singapore

7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987

Thailand

The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand



email-icon
Facebook Twitter Linkedin Youtube

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

× Chat with us