fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

NFL’s San Francisco 49ers hit by Blackbyte Ransomware Attack

NFL’s San Francisco 49ers hit by Blackbyte Ransomware Attack

The NFL’s San Francisco 49ers team is recovering from a cyberattack by the BlackByte ransomware gang who claims to have stolen data from the American football organization. 

The 49ers confirmed the attack in a statement to BleepingComputer and said it caused a temporary disruption to portions of their IT network.

While the 49ers did not confirm whether hackers successfully deployed the ransomware, they said they are still in the process of recovering systems, indicating that devices were likely encrypted.

Also Read: Got Hacked? Here Are 5 Ways to Handle Data Breaches

“The San Francisco 49ers recently became aware of a network security incident that resulted in temporary disruption to certain systems on our corporate IT network. Upon learning of the incident, we immediately initiated an investigation and took steps to contain the incident.

Third-party cybersecurity firms were engaged to assist, and law enforcement was notified.

While the investigation is ongoing, we believe the incident is limited to our corporate IT network; to date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi’s Stadium operations or ticket holders.

As the investigation continues, we are working diligently to restore involved systems as quickly and as safely as possible.”

To conduct a ransomware attack, threat actors breach a corporate network and silently spread to other devices while stealing data. The hackers ultimately deploy malware that encrypts all of the devices on the network, while leaving ransom notes demanding a cryptocurrency payment to receive a decryptor.

The ransomware gangs then use the stolen files as leverage, threatening to release them if they are not paid a ransom.

The BlackByte gang claimed responsibility for the 49er’s attack yesterday, right as the NFL gets ready for Super Bowl 2022, by beginning to leak files that they claim are stolen files.

 BlackByte ransomware leaking the San Francisco 49ers data
 BlackByte ransomware leaking the San Francisco 49ers’ data
Source: BleepingComputer

The leaked data is a 292MB archive of files that the threat actors say are stolen 2020 invoices from the 49ers’ network.

BlackByte usually releases its victims’ data in increasing amounts to further pressure the victim into paying.

While it is not known how much data has been stolen during the attack on the 49ers, BlackByte has stolen gigabytes of data from previous victims.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

Who is BlackByte?

The BlackByte ransomware operation launched in July 2021 when it began targeting corporate victims worldwide.

The ransomware gang is not particularly active compared to other groups, but they have conducted numerous successful attacks, meaning the enterprise should not ignore them.

Example BlackByte ransom note
Example BlackByte ransom note
Source: BleepingComputer

The ransomware gang is known to utilize vulnerabilities to gain initial access to a corporate network, illustrating the need to always have the latest software updates installed.

In October 2021, the BlackByte operation made the significant mistake of reusing the same decryption/encryption key in multiple attacks.

While BlackByte quickly fixed the bug, it allowed cybersecurity firm Trustwave to create a free decryptor allowing some victims to recover their files for free.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us