fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week In Ransomware – February 26th 2021 – Back From The Holidays

The Week In Ransomware – February 26th 2021 – Back From The Holidays

The number of attacks had slowed down after the winter holidays, but after the past two weeks, it’s evident that the ransomware attacks are back at full speed.

Over the past two weeks, we had some significant attacks, including attacks on Discount Car and Truck Rentals, an alleged attack on Kia Motors/HyundaiULTietoEVRYEcuador’s Ministry of Finance, and its largest bank, Banco Pichincha.

A recent ransomware attack at Automatic Funds Transfer Services (AFTS) also led to a series of data breach notifications from US cities that used them as a payment processor.

Finally, Mandiant reported that recent Accellion FTA breaches had been conducted by hackers affiliated with the Clop ransomware operation.

In a win for law enforcement, an operation between the USA, France, and Ukraine has led to numerous Egregor members’ arrests, practically shutting down the ransomware operation.

On the technical side, we learned that Ryuk now has worm-like functionality allowing it to spread to other Windows devices.

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw@PolarToffee@DanielGallagher@LawrenceAbrams@demonslay335@VK_Intel@BleepinComputer@Ionut_Ilascu@malwareforme@fwosar@Seifreed@struppigel@serghei@malwrhunterteam@FourOctets@chum1ng0@cyb5r3Gene@Mandiant@CISecurity@JakubKroustek@coveware@fbgwls245@c3rb3ru5d3d53c@Amigo_A_@petrovic082@siri_urz, and @1ZRR4H.

Also Read: How To Check Data Breach And How Can We Prevent It

February 13th 2021

CD Projekt’s stolen source code allegedly sold by ransomware gang

A ransomware gang who says they stole unencrypted source code for the company’s most popular games and then encrypted CD Projekt’s servers claims to have sold the data.

Leading Canadian rental car company hit by DarkSide ransomware

Canadian Discount Car and Truck Rentals has been hit with a DarkSide ransomware attack where the hackers claim to have stolen 120GB of data.

Tortoise ransomware decryptor released

Cerberus released a decryptor for the Tortoise Ransomware.

February 14th 2021

Egregor ransomware affiliates arrested by Ukrainian, French police

A joint operation between French and Ukrainian law enforcement has reportedly led to the arrests of several members of the Egregor ransomware operation in Ukraine.

February 17th 2021

Kia Motors America suffers ransomware attack, $20 million ransom

Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data.

New Makop variant

Petrovic found a new variant of the Makop ransomware that appends the .vassago extension.

New Stop ransomware variant

Michael Gillespie found a new ransomware that appends the .cadq extension to encrypted files.

February 18th 2021

US cities disclose data breaches after vendor’s ransomware attack

A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington.

February 19th 2021

CIS now offers free ransomware protection to all US hospitals

The Center for Internet Security (CIS), a non-profit dedicated to securing IT systems and data, has announced the launch of free ransomware protection for US private hospitals through the Malicious Domain Blocking and Reporting (MDBR) service.

Underwriters Laboratories (UL) certification giant hit by ransomware

UL LLC, better known as Underwriters Laboratories, has suffered a ransomware attack that encrypted its servers and caused them to shut down systems while they recover.

February 21st 2021

Lakehead University shuts down campus network after cyberattack

Canadian undergraduate research university Lakehead has been dealing with a cyberattack that forced the institution earlier this week to cut off access to its servers.

Also Read: Top 8 Main PDPA Obligations To Boost And Secure Your Business

New Dharma ransomware variant

Jakub Kroustek found a new Dharma ransomware variant that appends the .pauq extension to encrypted files.

February 22nd 2021

Global Accellion data breaches linked to Clop ransomware gang

Threat actors associated with financially-motivated hacker groups combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using Accellion’s legacy File Transfer Appliance and steal sensitive files.

New ‘Four’ Dharma ransomware variant

Jakub Kroustek found a new Dharma ransomware variant that appends the .four extension to encrypted files.

February 23rd 2021

Finnish IT services giant TietoEVRY discloses ransomware attack

Finnish IT services giant TietoEVRY has suffered a ransomware attack that forced them to disconnect clients’ services.

New ‘Urs’ Dharma ransomware variant

Emmanuel_ADC-Soft found a new Dharma ransomware variant that appends the .urs extension to encrypted files.

Q4 2020 Doxxing Victim Trends: Industrial Sector Emerges as Primary Ransom “Non-Payor”

The analysis that follows is based on an examination of ransomware doxxing victims whose identities were published between September and December of 2020. The data for this blog post was collected from 100% public sources. Unlike the majority of research on cyber extortion trends, which is based on information collected from self-identified victims of ransomware, these data points are collected from the threat actor’s own public ledgers of victims and are not subject to the same limitations of self-reporting. At this time one year ago, only two or three ransomware gangs had developed the practice of naming-and-shaming victims who failed to pay the ransom. 

New ThunderX/Ranzy variant

dnwls0719 found a new ThunderX/Ranzy ransomware variant that appends the .RANZYLOCKED extension to encrypted files.

February 24th 2021

Cyberpunk 2077 patch 1.2 delayed by CD Projekt ransomware attack

CD Projekt Red announced today that they are delaying the anticipated Cyberpunk 2077 Patch 1.2 to the second half of March 2021 due to their recent cyberattack.

Ransomware gang extorts jet maker Bombardier after Accellion breach

Business jet maker Bombardier is the latest company to suffer a data breach by the Clop ransomware gang after attackers exploited a zero-day vulnerability to steal company data.

New ‘Clman’ Dharma ransomware variant

Jakub Kroustek found a new Dharma ransomware variant that appends the .clman extension to encrypted files.

February 25th 2021

Dutch Research Council (NWO) confirms ransomware attack, data leak

The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang.

Looking for the Snoopdoog ransomware

Michael Gillespie found a new ransomware that appends the .Snoopdoog and drops a ransom note named Decrypt-me.txt.

New Team Assist ransomware

S!ri found a new ransomware that appends the .assist extension.

Assist

February 26th 2021

Ryuk ransomware now self-spreads to other Windows LAN devices

A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims’ local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021.

Ransomware gang hacks Ecuador’s largest private bank, Ministry of Finance

​A hacking group called ‘Hotarus Corp’ has hacked Ecuador’s Ministry of Finance and the country’s largest bank, Banco Pichincha, where they claim to have stolen internal data.

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us