fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week in Ransomware – February 4th 2022 – Critical Infrastructure

The Week in Ransomware – February 4th 2022 – Critical Infrastructure

Critical infrastructure suffered ransomware attacks, with threat actors targeting an oil petrol distributor and oil terminals in major ports in different attacks.

Earlier this week, German petrol distributor Oiltanking suffered a ransomware attack allegedly by the new ALPHV/BlackCat ransomware operation.

Soon after, oil terminals in major ports disclosed that they too suffered ransomware attacks. However, officials do not believe the attacks are linked.

If critical infrastructure was not bad enough, the Conti ransomware gang attacked British snacks giant KP Snacks, causing disruptions in the supply chain.

The UK’s HHS released a summary of the findings from the attack on Ireland’s HSE and said that 80% of the IT systems were encrypted during the attack.

Also Read: 4 Trends on data protection strategy in 2022 to watch for

Finally, RecordedFuture conducted an interview with the ALPHV ransomware gang, which provides some interesting insights into their new operation.

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw@demonslay335@PolarToffee@malwrhunterteam@struppigel@serghei@billtoulas@Ionut_Ilascu@FourOctets@malwareforme@VK_Intel@LawrenceAbrams@fwosar@DanielGallagher@BleepinComputer@Seifreed@cybereason@Ax_Sharma@Walmarttech@JakubKroustek@Amigo_A_@mattburgess1@fbgwls245@pcrisk@ddd1ms@AdamJanofsky, and @BrettCallow.

January 31st 2022

QNAP: DeadBolt ransomware exploits a bug patched in December

Taiwan-based network-attached storage (NAS) maker QNAP urges customers to enable firmware auto-updating on their devices to defend against active attacks.

New Phobos Ransomware variant

PCrisk found a Phobos ransomware variant that appends the .makop extension. Makop is the name of a different ransomware operation.

February 1st 2022

German petrol supply firm Oiltanking paralyzed by cyber attack

Oiltanking GmbH, a German petrol distributor who supplies Shell gas stations in the country, has fallen victim to a cyberattack that severely impacted its operations.

Cyberspies linked to Memento ransomware use new PowerShell malware

An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called PowerLess and developed using PowerShell.

Inside Trickbot, Russia’s Notorious Ransomware Gang

Internal messages WIRED has viewed shed new light on the operators of one of the world’s biggest botnets.

New STOP Ransomware variant

Amigo-A found a new STOP ransomware variant that appends the .bbbw extension.

February 2nd 2022

KP Snacks giant hit by Conti ransomware, deliveries disrupted

KP Snacks, a major producer of popular British snacks has been hit by the Conti ransomware group affecting distribution to leading supermarkets.

Also Read: Top 5 cybersecurity and data protection articles you loved in 2021

Business services provider Morley discloses ransomware incident

Morley Companies Inc. disclosed a data breach after suffering a ransomware attack on August 1st, 2021, allowing threat actors to steal data before encrypting files.

New STOP Ransomware variants

Jakub Kroustek found two new STOP ransomware variants that append the .bbbr or .bbbe extensions.

New STOP ransomware variant

PCRisk found a new STOP ransomware variant that appends the .maiv extension.

New ransomware requires YouTube subscriptions

MalwareHunterTeam found a new ransomware that requires you to subscribe to a YouTube channel to decrypt your files. Seems more like a joke.

Ghost Cyber Team

February 3rd 2022

New STOP ransomware variant

PCRisk found a new STOP ransomware variant that appends the .qqqr extension.

European oil port terminals hit by cyberattack

Major oil terminals in some of Western Europe’s biggest ports have fallen victim to a cyberattack at a time when energy prices are already soaring, sources confirmed on Thursday.

String of cyberattacks on European oil and chemical sectors likely not coordinated, officials say

The attacks targeted organizations in Belgium, the Netherlands, and Germany, including some of the largest ports in the region. Cybersecurity officials from those countries on Thursday said they do not have reason to believe that the attacks are linked to one another.

February 4th 2022

Swissport ransomware attack delays flights, disrupts operations

Aviation services company Swissport International has disclosed a ransomware attack that has impacted its IT infrastructure and services, causing flights to suffer delays.

HHS: Conti ransomware encrypted 80% of Ireland’s HSE IT systems

A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland’s health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year’s Conti ransomware attack.

A look at the new Sugar ransomware demanding low ransoms

A new Sugar Ransomware operation actively targets individual computers, rather than corporate networks, with low ransom demands.

An ALPHV (BlackCat) representative discusses the group’s plans for a ransomware ‘meta-universe’

A representative from the group, which has also been called BlackCat in some reports, agreed to talk to Recorded Future analyst Dmitry Smilyanets about the group’s background, intentions, and plans for the future. The interview was conducted in Russian via TOX messaging, and was translated to English with the help of a linguist from Recorded Future’s Insikt Group. It has been lightly edited for clarity.

New SG1995 Ransomware

dnwls0719 found a new ransomware that appends the .SG1995 extension.

Spiderman

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us