fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

FBI Warns Of Vishing Attacks Stealing Corporate Accounts

FBI Warns Of Vishing Attacks Stealing Corporate Accounts

The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts and credentials for network access and privilege escalation from US and international-based employees.

Vishing (also known as voice phishing) is a social engineering attack where attackers impersonate a trusted entity during a voice call to persuade their targets into revealing sensitive information such as banking or login credentials.

According to the TLP:WHITE Private Industry Notification (PIN) shared on Friday [PDF], the threat actors are using Voice over Internet Protocol (VoIP) platforms (aka IP telephony services) to target employees of companies worldwide, ignoring their corporate level.

“During COVID-19 shelter-in-place and social distancing orders, many companies had to quickly adapt to changing environments and technology,” the PIN reads. “With these restrictions, network access and privilege escalation may not be fully monitored.”

Phishing sites used to collect VPN credentials

During the attacks, the attackers tricked the targeted employees into logging into a phishing webpage they controlled to harvest their usernames and passwords.

In multiple cases, once they gained access to the company’s network, the threat actors gained greater network access than expected allowing them to escalate privileges using the compromised employees’ accounts.

Also Read: Key PDPA Amendments 2019/2020 You Should Know

This allows them to gain further access into the infiltrated networks, oftentimes being able to generate significant financial damage.

“In one instance, the cybercriminals found an employee via the company’s chatroom, and convinced the individual to log into the fake VPN page operated by the cybercriminals,” the FBI said.

“The actors used these credentials to log into the company’s VPN and performed reconnaissance to locate someone with higher privileges.

“The cybercriminals were looking for employees who could perform username and e-mail changes and found an employee through a cloud-based payroll service.

“The cybercriminals used a chatroom messaging service to contact and phish this employee’s login credentials.”

Second corporate vishing warning in one year

This is the second warning alerting of active vishing attacks targeting employees issued by the FBI since the start of the pandemic after an increasing number of them have become teleworkers.

In August 2020, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory warning remote workers of an ongoing vishing campaign targeting companies from several US industry sectors.

“In mid-July 2020, cybercriminals started a vishing campaign — gaining access to employee tools at multiple companies with indiscriminate targeting—with the end goal of monetizing the access,” the agencies said at the time.

“Using vished credentials, cybercriminals mined the victim company databases for their customers’ personal information to leverage in other attacks.”

Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service

In the August attacks, the threat actors also used maliciously crafted sites cloning the targeted companies’ internal VPN login pages which also enabled them to harvest two-factor authentication (2FA) or one-time passwords (OTP).

After tricking the victims into approving the OTP or 2FA prompts, the scammers gained control of their cellphones and bypassed 2FA and OTP authentication in a SIM swap attack.

To help companies and employees mitigate this type of phishing attacks, the FBI shared a series of recommendations:

  • Implement multi-factor authentication (MFA) for accessing employees’ accounts in order to minimize the chances of an initial compromise.
  • When new employees are hired, network access should be granted on a least privilege scale. Periodic review of this network access for all employees can significantly reduce the risk of compromise of vulnerable and/or weak spots within the network.
  • Actively scanning and monitoring for unauthorized access or modifications can help detect a possible compromise in order to prevent or minimize the loss of data.
  • Network segmentation should be implemented to break up one large network into multiple smaller networks which allows administrators to control the flow of network traffic.
  • Administrators should be issued two accounts: one account with admin privileges to make system changes and the other account used for email, deploying updates, and generating reports.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us