fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week in Ransomware – February 11th 2022 – Maze, Egregor Decryptors

The Week in Ransomware – February 11th 2022 – Maze, Egregor Decryptors

We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations.

After the Maze ransomware operation began shutting down in October 2020, it was always hoped that they would publicly release decryption keys to allow remaining victims to recover their files.

Tuesday night, almost fourteen months later, the alleged ransomware developer released the decryption keys in a BleepingComputer forum post.

While the developer says they had always planned to publish the keys, it is generally believed that they did it now as a gesture of goodwill due to the recent arrests and server seizures.

Using these keys, cybersecurity firm Emsisoft created a decryptor allowing victims to recover their files for free.

The other big news is the sentencing of a Netwalker ransomware affiliate from Canada, who obtained more than $27.6 million by attacking companies worldwide. After pleading guilty, the affiliate was sentenced to six years and eight months in prison.

This week’s other interesting ransomware news includes publishing LockBit 2.0 ransomware technical details by the FBI, a free decryptor for the TargetCompany ransomware, and Puma announcing a data breach due to the Kronos ransomware attack.

Also Read: This Educator Aims to Make Good Cyber Hygiene a Household Practice

Contributors and those who provided new ransomware information and stories this week include: @Seifreed@billtoulas@malwareforme@VK_Intel@BleepinComputer@FourOctets@DanielGallagher@serghei@malwrhunterteam@jorntvdw@fwosar@Ionut_Ilascu@PolarToffee@LawrenceAbrams@demonslay335@struppigel@chainalysis@emsisoft@Avast@LadislavZezula@coveware@ddd1ms@BrettCallow@pcrisk@USCERT_gov, and @CISAgov.

February 5th 2022

BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs

The Black Cat ransomware gang, also known as ALPHV, has confirmed they are former members of the notorious BlackMatter/DarkSide ransomware operation.

FBI shares Lockbit ransomware technical details, defense tips

The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with LockBit ransomware attacks in a new flash alert published this Friday.

February 6th 2022

Law enforcement action push ransomware gangs to surgical attacks

The numerous law enforcement operations leading to the arrests and takedown of ransomware operations in 2021 have forced threat actors to narrow their targeting scope and maximize the efficiency of their operations.

February 7th 2022

Free decryptor released for TargetCompany ransomware victims

Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free.

Puma hit by data breach after Kronos ransomware attack

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021.

New STOP Ransomware variants

PCrisk found new STOP ransomware variants that append the .cuag and .avyu extensions.

Also Read: The 5 Phases of Penetration Testing You Should Know

February 8th 2022

NetWalker ransomware affiliate sentenced to 80 months in prison

Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims.

February 9th 2022

Ransomware dev releases Egregor, Maze master decryption keys

The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums by the alleged malware developer.

Forum post

Emsisoft releases a decryptor for Maze / Sekhmet / Egregor

Emsisoft created a decryptor allowing Maze, Sekhmet, and Egregor victims to recover their files for free.

New Phobos Ransomware variants

PCrisk found a new Phobos ransomware variant that appends the .ZOZL extension.

2021 Trends Show Increased Globalized Threat of Ransomware

In 2021, cybersecurity authorities in the United States,[1][2][3] Australia,[4] and the United Kingdom[5] observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) observed incidents involving ransomware against 14 of the 16 U.S. critical infrastructure sectors, including the Defense Industrial Base, Emergency Services, Food and Agriculture, Government Facilities, and Information Technology Sectors. The Australian Cyber Security Centre (ACSC) observed continued ransomware targeting of Australian critical infrastructure entities, including in the Healthcare and Medical, Financial Services and Markets, Higher Education and Research, and Energy Sectors. The United Kingdom’s National Cyber Security Centre (NCSC-UK) recognizes ransomware as the biggest cyber threat facing the United Kingdom. Education is one of the top UK sectors targeted by ransomware actors, but the NCSC-UK has also seen attacks targeting businesses, charities, the legal profession, and public services in the Local Government and Health Sectors.

February 10th 2022

As Ransomware Payments Continue to Grow, So Too Does Ransomware’s Role in Geopolitical Conflict

Sure enough, we updated our ransomware numbers a few times throughout 2021, reflecting new payments we hadn’t identified previously. As of January 2022, we’ve now identified just over $692 million in 2020 ransomware payments — nearly double the amount we initially identified at the time of writing last year’s report.

Chainalysis In Action: How FBI Investigators Traced DarkSide’s Funds Following the Colonial Pipeline Ransomware Attack

One month later, there was good news: The Department of Justice announced that it had managed to seize $2.3 million worth of Bitcoin from Colonial’s ransom payment following an FBI investigation. Chainalysis is proud to say that our tools aided the FBI, and that we can now share details of how investigators tracked the funds following the attack.

February 11th 2022

.NET ransomware impersonates REvil

Karsten Hahn found a .NET ransomware that impersonates REvil by copying the ransom note and Tor site.

New STOP Ransomware variants

PCrisk found new STOP ransomware variants that append the .iips and .ccps extensions.

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us