fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ransomware Gang Leaks Data From Stanford, Maryland Universities

Ransomware Gang Leaks Data From Stanford, Maryland Universities

Image: Dom Fou

Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group.

The threat actors obtained the documents after hacking the universities’ Accellion File Transfer Appliance (FTA) software used to share and store sensitive information.

Data stolen in the attack targeting Stanford Medicine’s Accellion server includes names, addresses, email addresses, Social Security numbers, and financial information, reported the Stanford Daily.

“We discovered the breach earlier this week when the hackers posted evidence that they had accessed a limited number of files in our system containing some personally identifiable information,” UMB also told DataBreaches.net.

“UC has learned that it, along with other universities, government agencies, and private companies throughout the country, was recently subject to a cybersecurity attack,” a statement issued by the UC Office of the President reads.

“The attack involves the use of Accellion, a vendor used by many organizations for secure file transfer, in which an unauthorized individual appears to have copied and transferred UC files by exploiting a vulnerability in Accellion’s file-transfer service.”

Also Read: The 3 Main Benefits Of PDPA For Your Business

Colorado and Miami universities also hit

Since February, the ransomware operation has been leaking files stolen after compromising vulnerable Accellion FTA file-sharing servers.

The ransomware gang started leaking the universities’ data during late March, attempting to coerce them to pay ransoms to have the stolen data deleted and the leaks stopped.

Last month, the Clop ransomware gang leaked other data sets allegedly stolen from the University of Colorado and the University of Miami.

The attackers haven’t gained access to universities’ internal networks, with the incident only impacting their Accellion servers.

Clop leak site
Clop leak site

While still unclear if Clop is behind these Accellion attacks or they’re collaborating with another group, a joint statement from Mandiant and Accellion shed more light on these attacks also linking them to a second operation, the FIN11 cybercrime group.

BleepingComputer has reported multiple data breaches affecting companies and organizations after these threat actors successfully compromised their Accellion FTA servers and exfiltrated sensitive information.

Starting with January, we reported attacks on energy giant Shellcybersecurity firm Qualyssupermarket giant Kroger, the Reserve Bank of New ZealandSingtel, the Australian Securities and Investments Commission (ASIC), the Office of the Washington State Auditor (“SAO”), as well as multiple universities and other organizations.

Five Eyes members also issued a joint security advisory in February about ongoing attacks and extortion attempts targeting orgs that use vulnerable Accellion File Transfer Appliance (FTA) versions.

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

In related news, Brown University, a private Ivy League research university, is still working on bringing systems online after it had to disable them following a cyberattack on Tuesday.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us