fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Kaseya Warns of Phishing Campaign Pushing Fake Security Updates

Kaseya Warns of Phishing Campaign Pushing Fake Security Updates

Kaseya has warned customers that an ongoing phishing campaign attempts to breach their networks by spamming emails bundling malicious attachments and embedded links posing as legitimate VSA security updates.

“Spammers are using the news about the Kaseya Incident to send out fake email notifications that appear to be Kaseya updates. These are phishing emails that may contain malicious links and/or attachments,” the company said in an alert issued on Thursday evening.

“Do not click on any links or download any attachments claiming to be a Kaseya advisory. Moving forward, Kaseya email updates will not contain any links or attachments.”

Attackers try to backdoor recipients’ systems

While the company did not provide additional details regarding these attacks, the warning perfectly lines up with another series of malspam emails targeting Kaseya customers with Cobalt Strike payloads.

As BleepingComputer first reported, Malwarebytes Threat Intelligence researchers have recently discovered a series of phishing attacks trying to take advantage of the ongoing Kaseya ransomware crisis.

“A malspam campaign is taking advantage of Kaseya VSA ransomware attack to drop CobaltStrike,” Malwarebytes researchers said.

Also Read: Got Hacked? Here Are 5 Ways to Handle Data Breaches

“It contains an attachment named ‘SecurityUpdates.exe’ as well as a link pretending to be security update from Microsoft to patch Kaseya vulnerability!”

Kaseya phishing email sample (Malwarebytes)
Kaseya phishing email sample (Malwarebytes)

The attackers’ end goal is to deploy Cobal Strike beacons on the recipients’ devices to backdoor them and steal sensitive info or deliver more malware payloads.

Once the targets run the malicious attachment or download and execute the fake Microsoft update on their devices, the attackers gain persistent remote access to the now compromised systems.

In June, following the Colonial Pipeline attack, threat actors also used fake systems updates claiming to help block ransomware infections.

These two campaigns highlight that cybercriminals behind phishing attacks keep up with the latest news to push lures relevant to recent events to boost their campaigns’ success rates.

Given that Kaseya has so far failed to deploy a fix for the VSA zero-day exploited by REvil, some of its customers might fall for this campaign’s tricks in their effort to protect their networks from attacks.

Light at the end of the tunnel

The highly-publicized REvil ransomware attack that hit Kaseya and approximately 1,500 of their direct customers and downstream businesses makes for a perfect lure theme.

After the attack was disclosed, CISA and the FBI have shared guidance on how to deal with the attack’s aftermath, and the White House National Security Council is urging victims to follow the guidance issued by Kaseya and report incidents to the FBI.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

However, despite the attack’s massive reach, which has led to some calling the largest ransomware attack ever, multiple victims told BleepingComputer that their backups were not affected, and they are restoring systems rather than paying a ransom.

Victims who do ultimately pay REvil’s ransoms will likely only do so because their backups failed or they had no backups, to begin with.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us