The holiday season is here, but there is no rest for our weary admins as ransomware gangs are still conducting attacks over the Christmas and New Year's breaks.
This is especially true this year, with the rampant Log4j exploitation over the past few weeks leading to compromised networks that are ripe for ransomware deployment while the workforce is on vacation.
Network admins and security researchers are already reporting that BlackCat/ALPHV affiliates continue to attack the enterprise today as we move into the Christmas weekend, so it is vital to keep an eye on your networks and respond quickly to unusual behavior.
Good luck out there and wishing everyone a very happy and uneventful holiday season!
Contributors and those who provided new ransomware information and stories this week include: @LawrenceAbrams, @Ionut_Ilascu, @PolarToffee, @BleepinComputer, @struppigel, @Seifreed, @VK_Intel, @billtoulas, @serghei, @jorntvdw, @FourOctets, @malwareforme, @fwosar, @JakubKroustek, @DanielGallagher, @malwrhunterteam, @demonslay335, @ValeryMarchive, @ESETresearch, @LabsSentinel, @SophosLabs, @threatresearch, @NCCGroupplc, @pcrisk, @th3_protoCOL, @0daydorpher, and @siri_urz.
Jakub Kroustek found a new Dharma ransomware variant that appends the .ver extension.
PCrisk found a new STOP ransomware variant that appends the .nnqp extension to encrypted files.
PCrisk found a new Dharma ransomware variant that appends the .C1024 extension to encrypted files.
ESET discovered a new FreeBSD version of the SFile ransomware.
Security analysts from NCC Group report that ransomware attacks in November 2021 increased over the past month, with double-extortion continuing to be a powerful tool in threat actors’ arsenal.
Jakub Kroustek found a new Dharma ransomware variant that appends the .RED extension.
PCrisk found a new Phobos ransomware variant that appends the .health extension to encrypted files.
In recent attacks, the AvosLocker ransomware gang has started focusing on disabling endpoint security solutions that stand in their way by rebooting compromised systems into Windows Safe Mode.
S!Ri found a new ransomware that appends the .surtr extension to encrypted files.
A new ransomware operation named Rook has appeared recently in the cyber-crime space, declaring a desperate need to make “a lot of money” by breaching corporate networks and encrypting devices.
As first reported by Valéry Marchive, less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers.
It’s not uncommon for ransomware gangs to take a bit of time off during the holidays. However, it looks like BlackCat affiliates are continuing to work through the holidays.