fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

DHS Orders Agencies To Urgently Patch Or Disconnect Exchange Servers

DHS Orders Agencies To Urgently Patch Or Disconnect Exchange Servers

The Department of Homeland Security’s cybersecurity unit has ordered federal agencies to urgently update or disconnect Microsoft Exchange on-premises products on their networks.

The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 21-02 Wednesday after Microsoft patched four zero-day Exchange bugs in emergency out-of-band security updates and shared info on active exploitation in the wild.

“Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange servers, enabling them to gain persistent system access and control of an enterprise network,” CISA said.

CISA “strongly” recommended federal agencies to examine their networks to detect malicious activity related to zero-day attacks targeting Exchange servers.

“If no indications of compromise have been found, agencies must immediately apply Microsoft patches for Microsoft Exchange servers and proceed to Action 5,” CISA added.

Agencies that identify indications of compromise should “immediately disconnect Microsoft Exchange on-premises servers” and “await guidance before rebuilding from trusted sources utilizing the latest version of the product available.”

Also Read: 10 Practical Benefits of Managed IT Services

CISA asked the agencies to immediately report incidents if any of the following criteria are met:

  • Identification of indicators of compromise as outlined in CISA Activity Alert.
  • Presence of web shellcode on a compromised Microsoft Exchange on-premises server.
  • Unauthorized access to or use of accounts.
  • Evidence of lateral movement by malicious actors with access to compromised systems.
  • Other indicators of unauthorized access or compromise.
  • Other indicators related to this issue to be shared by CISA in the Activity Alert.

Earlier this week, Microsoft and multiple cybersecurity firms disclosed ongoing attacks coordinated by several Chinese-backed hacking groups.

The attacks target US organizations from multiple industry sectors and are attempting to exploit Internet-exposed on-premises Exchange servers to steal sensitive information.

Slovak internet security firm ESET identified three state-sponsored threat actors: the Chinese-backed APT27, Bronze Butler (aka Tick), and Calypso.

The company added that it also detected several other APT groups it wasn’t able to identify.

Microsoft identified a fourth Chinese-backed group named Hafnium observed while attacking US orgs’ on-premises Exchange servers.

Active exploitation of these Microsoft Exchange zero-days began “as early as January 6, 2021,” as incident response firm Volexity revealed.

Also Read: What Legislation Exists in Singapore Regarding Data Protection and Security?

Microsoft is also urging administrators to “install these updates immediately” to defend vulnerable Exchange servers from ongoing attacks.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us