The Week In Ransomware – March 5th 2021 – Targeting Service Providers

This week we have seen ransomware attacks targeting online service providers and MSPs to not only encrypt the victim but also cause significant outages for their customers.

HR and payroll platform PrismHR suffered a ransomware attack this weekend that caused an outage for PEOs and their clients that utilize the system. We also saw CompuCom, a large US MSP, get hit with a DarkSide ransomware attack that led to significant outages for most of their customers.

Clop Ransomware continues to publish data stolen from victims' breached Accellion FTA devices in December. Unfortunately, due to the number of organizations that used this service, we will likely continue seeing Accellion-related breaches announced.

Finally, Universal Health Services, which suffered a massive Ryuk ransomware attack in September 2020, reported that the cyberattack had an estimated cost of $67 million.

As for new ransomware, we continue to see new variants released and new in-development threats, such as a strange one that only decrypts victims if they join the threat actor’s Discord server.

Contributors and those who provided new ransomware information and stories this week include: @PolarToffee, @VK_Intel, @malwareforme, @Seifreed, @jorntvdw, @fwosar, @LawrenceAbrams, @FourOctets, @BleepinComputer, @DanielGallagher, @demonslay335, @struppigel, @malwrhunterteam, @serghei, @Ionut_Ilascu, @GroupIB, @Sophos, @kjkwak12, @JakubKroustek, @siri_urz, @Kangxiaopao, @Amigo_A_, @petrovic082, @IntezerLabs, @emsisoft, and @BrettCallow.

March 1st 2021

Hackers use black hat SEO to push ransomware, trojans via Google

The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results.

Universal Health Services lost $67 million due to Ryuk ransomware attack

Universal Health Services (UHS) said that the Ryuk ransomware attack it suffered during September 2020 had an estimated impact of $67 million.

NSW Transport agency extorted by ransomware gang after Accellion attack

The transport system for the Australian state of New South Wales has suffered a data breach after the Clop ransomware exploited a vulnerability to steal files.

New Dharma ransomware variants

Jakub Kroustek found new Dharma ransomware variants that append the .oral and .urs extensions to encrypted files.

New STOP Djvu ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .ribd extension to encrypted files.

March 2nd 2021

Payroll giant PrismHR outage likely caused by ransomware attack

Leading payroll company PrismHR is suffering a massive outage after a cyberattack this weekend that, based on conversations with customers, looks like a ransomware attack.

New ‘Corona Locker’ Aurora ransomware variant

xiaopao found a new variant of the Aurora ransomware that calls itself ‘Corona Locker’ and appends the .systems32x extension.

New Makop ransomware variant

Petrovic found a new Makop ransomware variant that appends the .vassago extension to encrypted files.

When Viruses Mutate: Did SunCrypt Ransomware Evolve from QNAPCrypt?

This report uses both dark web research and malware analysis to investigate the connection between the affiliate ransomware service known as SunCrypt and the QNAPCrypt ransomware, the latter of which was used against QNAP and Synology devices back in 2019. While the two ransomware families are operated by distinct threat actors on the dark web, there are strong technical connections in code reuse and techniques, linking the two to the same author. Just because a piece of malware is a derivative of another does not mean it will be deployed in exactly the same way. A new operator may use different targets, tactics, techniques and procedures (TTPs), which can include new evasion techniques. Defenders must remain vigilant.

March 3rd 2021

RansomTrojanLock discovered

S!ri found a new ransomware that appends the .RansomTrojanLock extension to encrypted files.

Beware the Fancy Bear ransomware

S!ri found a new ransomware; we will let the screenshot speak for itself.

New Help You Ransomware

xiaopao found a new ransomware that appends the .IQ_IQ extension and drops a ransom note named HOW_TO_RECOVERY_FILES.txt.

Emsisoft Aurora decryptor updated

Emsisoft has updated their Aurora decryptor to support the .systems32x extension.

March 4th 2021

CompuCom MSP hit by DarkSide ransomware cyberattack

US managed service provider CompuCom has suffered a DarkSide ransomware attack leading to service outages and customers disconnecting from the MSP’s network to prevent the spread of malware.

Ransomware is a multi-billion industry and it keeps growing

An analysis from global cybersecurity company Group-IB reveals that ransomware attacks more than doubled last year and increased in both scale and sophistication.

New JesusCrypt Ransomware

MalwareHunterTeam found a new in-development ransomware called JesusCrypt.

March 5th 2021

New ransomware only decrypts victims who join their Discord server

A new ransomware called ‘Hog’ encrypts users’ devices and only decrypts them if they join the developer’s Discord server.

That’s it for this week! Hope everyone has a nice weekend!
