The Week in Ransomware – January 21st 2022 – Arrests, Wipers, and More

It has been quite a busy week with ransomware, with law enforcement making arrests, data-wiping attacks, and the return of the Qlocker ransomware.

This week’s biggest news is Russia’s arrest of fourteen suspected members of the REvil ransomware operation. In addition, a senior Biden administration official said that one of the fourteen suspects is responsible for the Colonial Pipeline ransomware attack.

Europol also conducted a law enforcement operation against VPNLab, a platform commonly used by ransomware gangs. Law enforcement operatives seized 15 servers used by the VPNLab.net service and took down its main site, making the platform no longer available.

While it was a good week for law enforcement, sadly, new attacks were discovered.

Microsoft disclosed attacks on Ukrainian organizations using data-wiping malware disguised as ransomware. The malware is named “WhisperGate,” and Ukrainian officials have attributed the attacks to the Russian government or to actors working at its behest.

For consumers and small businesses, we saw the unfortunate return of Qlocker, notorious ransomware that encrypted thousands of QNAP NAS devices last year.

Finally, research released by security companies linked White Rabbit ransomware to FIN8 hackers and provided new analysis of the BlackCat/AlphV and Avaddon ransomware operations, while the FBI linked Diavol to the TrickBot Group.

Contributors and those who provided new ransomware information and stories this week include: @serghei, @VK_Intel, @billtoulas, @struppigel, @Ionut_Ilascu, @malwareforme, @jorntvdw, @Seifreed, @FourOctets, @PolarToffee, @DanielGallagher, @malwrhunterteam, @fwosar, @LawrenceAbrams, @BleepinComputer, @demonslay335, @fbgwls245, @Amigo_A_, @JakubKroustek, @pcrisk, @TrendMicro, @LabsSentinel, @MsftSecIntel, @Mandiant, and @GrujaRS.

January 15th 2022

Qlocker ransomware returns to target QNAP NAS devices worldwide

Threat actors behind the Qlocker ransomware are once again targeting Internet-exposed QNAP Network Attached Storage (NAS) devices worldwide.

Russia charges 8 suspected REvil ransomware gang members

Eight members of the REvil ransomware operation who have been detained by Russian officers are currently facing criminal charges for their illegal activity.

January 16th 2022

Microsoft: Fake ransomware targets Ukraine in data-wiping attacks

Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine.

January 17th 2022

New STOP ransomware variants

PCrisk found two new STOP ransomware variants that append the .vfgj and .fhkf extensions.

New Chaos Ransomware variant

dnwls0719 found a new Chaos ransomware variant that appends the .AZ extension.

January 18th 2022

New White Rabbit ransomware linked to FIN8 hacking group

A new ransomware family called ‘White Rabbit’ appeared in the wild recently, and according to recent research findings, could be a side-operation of the FIN8 hacking group.

Fashion giant Moncler confirms data breach after ransomware attack

Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web.

Europol shuts down VPN service used by ransomware groups

Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors.

BlackCat Ransomware | Highly-Configurable, Rust-Driven RaaS On The Prowl For Victims

BlackCat (aka AlphaVM, AlphaV) is a newly established RaaS (Ransomware as a Service) with payloads written in Rust. While BlackCat is not the first ransomware written in the Rust language, it joins a small (yet growing) sliver of the malware landscape making use of this popular cross-platform language.

New Dharma Ransomware variant

dnwls0719 found a new Dharma ransomware variant that appends the .MTX extension.

January 19th 2022

Marketing giant RRD confirms data theft in Conti ransomware attack

RR Donnelley has confirmed that threat actors stole data in a December cyberattack, confirmed by BleepingComputer to be a Conti ransomware attack.

One Source to Rule Them All: Chasing AVADDON Ransomware

This blog post explores activity, similarities and overlaps between multiple ransomware families related to AVADDON ransomware, serving as a case study to understand how ransomware operators think and continue to turn a profit in a constantly evolving cybercrime ecosystem.

New Dharma ransomware variant

PCrisk found a new Dharma ransomware variant that appends the .cip extension.

January 20th 2022

FBI links Diavol ransomware to the TrickBot cybercrime group

The FBI has formally linked the Diavol ransomware operation to the TrickBot Group, the malware developers behind the notorious TrickBot banking trojan.

New STOP Ransomware variant

Jakub Kroustek found a new STOP ransomware variant that appends the .maak extension.

New Trap ransomware discovered

Amigo-A spotted the new Trap ransomware that appends the .trap extension and drops a ransom note named RESTORE.txt.

New Makop ransomware variant

GrujaRS found a new Makop ransomware variant that appends the .factfull extension.

January 21st 2022

New Phobos ransomware variant

PCrisk found a new Phobos ransomware variant that appends the .ELBOW extension.

That’s it for this week! Hope everyone has a nice weekend!
