fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

France Warns of Nobelium Cyberspies Attacking French Orgs

France Warns of Nobelium Cyberspies Attacking French Orgs

The French national cyber-security agency ANSSI said today that the Russian-backed Nobelium hacking group behind last year’s SolarWinds hack has been targeting French organizations since February 2021.

While ANSSI (short for Agence Nationale de la Sécurité des Systèmes d’Information) has not determined how Nobelium compromised email accounts belonging to French orgs, it added that the hackers used them to deliver malicious emails targeting foreign institutions.

In turn, French public orgs were also the targets of spoofed emails sent from servers belonging to foreign entities, believed to be compromised by the same threat actor.

The infrastructure used by Nobelium in the attacks against French entities was mainly set up using virtual private servers (VPS) from different hosting companies (favoring servers from OVH and located close to the targeted countries).

Also Read: Lessons from PDPC Incident and Undertaking: August 2021 Cases

“Overlaps have been identified in the tactics, techniques & procedures (TTP) between the phishing campaigns monitored by ANSSI and the SOLARWINDS supply chain attack in 2020,” ANSSI explained in a report published today.

To defend against this hacking group’s attacks, ANSSI recommends restricting the execution of email attachments to block malicious files delivered in phishing campaigns.

The French cyber-security agency also advises at-risk organizations to tighten Active Directory security (and AD servers in particular) using its Active Directory security hardening guide.

CERT-FR Nobelium attacks

Nobelium and its high profile targets

Nobelium, the hacking group behind last year’s SolarWinds supply-chain attack, which led to the breach of multiple US federal agencies, is the hacking division of the Russian Foreign Intelligence Service (SVR), also tracked as APT29, The Dukes, or Cozy Bear.

The US government formally accused the SVR division in April of orchestrating the “broad-scope cyber espionage campaign” that hit SolarWinds.

Cybersecurity firm Volexity also linked the attacks to the same threat actor based on tactics observed in incidents starting with 2018.

Also Read: Data Minimization; Why Bigger is Not Always Better

In May, the Microsoft Threat Intelligence Center (MSTIC) shared info on a Nobelium phishing campaign targeting government agencies from 24 countries worldwide.

As further reported by Microsoft in recent months, Nobelium is still targeting the global IT supply chain, having attacked 140 managed service providers (MSPs) and cloud service providers and breached at least 14 since May 2021.

Nobelium also targeted Active Directory Federation Services (AD FS) servers, attempting to compromise governments, think tanks, and private companies from the US and Europe using a new passive and highly targeted backdoor dubbed FoggyWeb.

Microsoft revealed in October that Nobelium was the most active Russian hacking group between July 2020 and June 2021, coordinating the attacks behind 92% of alerts Microsoft sent to customers regarding Russia-based threat activity.

Earlier today, Mandiant linked the hacking group to attempts to breach government and enterprise networks around the world by targeting their MSPs with a new backdoor dubbed Ceeloader designed to deploy further malware and harvest sensitive info of political interest to Russia.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us