fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week in Ransomware – June 11th 2021 – Under Pressure

The Week in Ransomware – June 11th 2021 – Under Pressure

It has been quite the week when it comes to ransomware, with ransoms being paid, ransoms being taken back, and a ransomware gang shutting down.

This week’s biggest news was the FBI announcing that they were able to recover the majority of the $4.4 million ransom payment paid by Colonial Pipeline. It is not entirely clear how they obtained the private key for the cryptocurrency wallet, but it is believed DarkSide stored it on a seized server.

We also learned that JBS paid $11 million to the REvil ransomware operation to retrieve a decryptor and prevent stolen files from being leaked.

In a bit of good news, the Avaddon ransomware operation shut down and released the decryption keys of close to 3,000 victims to BleepingComputer. Using these, cybersecurity firm Emsisoft was able to release a free decryptor.

Finally, news broke this week that memory maker ADATA and food services supplier Edward Don suffered ransomware attacks.

Contributors and those who provided new ransomware information and stories this week include: @Ionut_Ilascu@demonslay335@FourOctets@Seifreed@fwosar@jorntvdw@BleepinComputer@struppigel@malwrhunterteam@PolarToffee@serghei@DanielGallagher@LawrenceAbrams@VK_Intel@malwareforme@jonallendc@kevincollier@RobertScammell@KimZetter@RakeshKrish12@fbgwls245@Jirehlov@SecurityJoes@Kangxiaopao, and @GrujaRS.

June 5th 2021

New BigLock ransomware

dnwls0719 found a new ransomware named BigLock that appends the .nermer extension and drops a ransom note named PROTECT_INFO.TXT.

June 6th 2021

New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions

The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC).

New Findnotefile ransomware

Jirehlov Solace found a new Findnotefile ransomware variant that appends the .reddot extension.

Also Read: The DNC Registry Singapore: 5 Things You Must Know

New ransomware hunt

Michael Gillespie is looking for a ransomware that appends the .ramsome.encrypt(rsw).nat extension and drops a note named readme-instructions.txt. The ransomware turns files into password-protected RAR archives.

June 7th 2021

US recovers most of Colonial Pipeline’s $4.4M ransomware payment

The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation.

Fujifilm refuses to pay ransomware demand, restores network from backups

Japanese multinational conglomerate Fujifilm said it has refused to pay a ransom demand to the cyber gang that attacked its network in Japan last week and is instead relying on backups to restore operations.

June 8th 2021

Computer memory maker ADATA hit by Ragnar Locker ransomware

Taiwan-based leading memory and storage manufacturer ADATA says that a ransomware attack forced it to take systems offline after hitting its network in late May.

New HimalayA Ransomware-as-a-Service

RAKESH KRISHNAN found a new RaaS named HimalayA advertised on the darkweb.

June 9th 2021

New Ryuk impersonator

Security Joes found a .NET Ryuk impersonator that can be customized with a ransomware builder.

June 10th 2021

JBS paid $11 million to REvil ransomware, $22.5M first demanded

JBS, the world’s largest beef producer, has confirmed that they paid an $11 million ransom after the REvil ransomware operation initially demanded $22.5 million.

CD Projekt: Data stolen in ransomware attack now circulating online

CD Projekt is warning today that internal data stolen during their February ransomware attack is circulating on the Internet.

Foodservice supplier Edward Don hit by a ransomware attack

Foodservice supplier Edward Don has suffered a ransomware attack that has caused the company to shut down portions of the network to prevent the attack’s spread.

New Vice Society ransomware

Michael Gillespie found a new Vice Society ransomware that appends the .v-society extension when encrypting Linux machines. Appears to be a spin-off of HelloKitty.

New Anubis ransomware variant

xiaopao found a new Anubis ransomware variant that appends the .ChupaCabra extension.

June 11th 2021

Avaddon ransomware shuts down and releases decryption keys

The Avaddon ransomware gang has shut down operation and released the decryption keys for their victims to BleepingComputer.com.

Relentless REvil, revealed: RaaS as variable as the criminals who use it

One of the ransomware-as-a-service (RaaS) we encounter most frequently, known alternately as Sodinokibi or REvil, is as conventional a ransomware as we’ve seen: Its routines, configuration, and behavior what we’ve come to expect from a mature family that’s, obviously, well used in the criminal underground.

Ransomware attack hit Teamsters in 2019 — but they refused to pay

When the Teamsters were hit by a ransomware attack over Labor Day weekend in 2019, the hackers asked for a seven-figure payment.

Also Read: How to Comply with PDPA: A Checklist for Businesses

Negotiating Ransoms: When to Play and When to Fold

An interview with the CEO of Coveware, which negotiates payments on behalf of ransomware victims.

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us