fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ryuk Successor Conti Ransomware Releases Data Leak Site

Ryuk Successor Conti Ransomware Releases Data Leak Site

Ransomware lock

Conti ransomware, the successor of the notorious Ryuk, has released a data leak site as part of their extortion strategy to force victims into paying a ransom.

In the past, when the TrickBot trojan infected a network, it would eventually lead to the deployment of the Ryuk ransomware as a final attack.

According to Advanced Intel’s Vitali Kremez, since July 2020, Ryuk is no longer being deployed, and in its place, the TrickBot-linked operators, are now deploying the Conti ransomware.

Conti is a relatively new private Ransomware-as-a-Service (RaaS) that has recruited experienced hackers to distribute the ransomware in exchange for a large share of the ransom payment.

Submissions to ransomware identification site ID Ransomware also show the increased activity of Conti ransomware since June 15th.

Conti submissions to ID-R
Conti submissions to ID-R

Ryuk on the other hand, has seen a steady decline since July.

Ryuk subnmissions
Ryuk subnmissions

Also read: How to Make Data Protection Addendum Template in Simple Way

Conti releases a data leak site

When human-operated ransomware operations attack a corporate network, they commonly steal unencrypted data before encrypting the files.

This stolen data is then used as leverage to get a victim to pay the ransom under threat that the files will be released on ransomware data leak sites.

Conti ransomware has been active since this summer, but it wasn’t until recently that it released its own ‘Conti.News’ data leak site.

Conti data leak site
Conti data leak site

This data leak site currently lists twenty-six victims, with some of the names being large and well-known companies.

For each victim listed, a dedicated page is created that contains samples of the stolen data.

Leaked data
Leaked data

The ransomware’s adoption stealing data to be used in extortion is also reflected in the latest ransom notes from Conti.

In the past, the ransomware operators would just include a message that the victim was encrypted, and include two email addresses to contact them.

Conti ransom notes now include specific language stating that they will publish a victim’s data if a ransom is not paid, as shown below. 

Conti ransom note
Conti ransom note

Other ransomware operations that steal or have stolen unencrypted files to extort their victims include Ako, Avaddon, Clop, CryLock, DoppelPaymer, Maze, MountLocker, Nemty, Nephilim, Netwalker, Pysa/Mespinoza, Ragnar Locker, REvil, Sekhmet, Snatch, and Snake.

Also read: AI Auditing Framework: Draft Guidance for Organizations

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us