fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

The Week in Ransomware – October 8th 2021 – Making Arrrests

The Week in Ransomware – October 8th 2021 – Making Arrrests

This week’s big news is the arrests of two ransomware operators in Ukraine responsible for hundreds of attacks targeting organizations worldwide.

The US is also proposing new bills and initiatives to force companies to disclose ransom payments and government contractors to disclose breaches.

Under the new Civil Cyber-Fraud Initiative, the US DOJ will allow government contractors to be sued if they don’t report a breach or fail to meet required cybersecurity standards.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

A new ‘Ransom Disclosure Act’ bill has been introduced to require any ransomware victims to report ransom payments within 48 hours.

Finally, some of the ransomware attacks revealed this week include SandHills GlobalWeir Group, and we finally have confirmation that Cox Media Group was attacked in June.

Contributors and those who provided new ransomware information and stories this week include: @struppigel@Seifreed@FourOctets@malwareforme@billtoulas@demonslay335@fwosar@VK_Intel@PolarToffee@serghei@Ionut_Ilascu@malwrhunterteam@LawrenceAbrams@BleepinComputer@DanielGallagher@jorntvdw@kaspersky@threatresearch@thepacketrat@vikas891@fbgwls245, and @Mandiant.

October 2nd 2021

Sandhills online machinery markets shut down by ransomware attack

Industry publication giant Sandhills Global has suffered a ransomware attack, causing hosted websites to become inaccessible and disrupting their business operations.

October 3rd 2021

New STOP Ransomware variant

dnwls0719 found a new STOP ransomware variant that appends the .tisc extension.

October 4th 2021

Ransomware operators behind hundreds of attacks arrested in Ukraine

Europol has announced the arrest of two men in Ukraine, said to be members of a prolific ransomware operation that extorted victims with ransom demands ranging between €5 to €70 million.

New Atom Silo ransomware targets vulnerable Confluence servers

Atom Silo, a newly spotted ransomware group, is targeting a recently patched and actively exploited Confluence Server and Data Center vulnerability to deploy their ransomware payloads.

October 5th 2021

Ransomware gang encrypts VMware ESXi servers with Python script

Operators of an unknown ransomware gang are using a Python script to encrypt virtual machines hosted on VMware ESXi servers.

October 6th 2021

U.S. govt to sue contractors who hide breach incidents

Under the new Civil Cyber-Fraud Initiative that the U.S. Department of Justice announced today, government contractors are accountable in a civil court if they don’t report a breach or fail to meet required cybersecurity standards.

Ransom Disclosure Act would give victims 48 hours to report payments

Victims of ransomware attacks in the United States may soon have to report any payments to hackers within 48 hours, according to a new legislation proposal titled the ‘Ransom Disclosure Act’.

BabyDuck Ransomware

xXToffeeXx found a “BabyDuck” ransomware that uses the .babyduck extension and drops a ransom note named #README.babyduck. No this is not a joke.

BabyDuck ransomware

October 7th 2021

FIN12 hits healthcare with quick and focused ransomware attacks

It can take less than two days for the FIN12 gang to execute on the target network a file-encrypting payload – most of the time Ryuk ransomware.

October 8th 2021

Engineering giant Weir Group hit by ransomware attack

Scottish multinational engineering firm Weir Group has disclosed an “attempted ransomware attack” that led to “significant temporary disruption” in September.

Russian orgs heavily targeted by smaller tier ransomware gangs

Even though American and European companies enjoy the lion’s share of ransomware attacks launched from Russian ground, companies in the country aren’t spared from having to deal with file encryption and double-extortion troubles of their own.

Cox Media Group confirms ransomware attack that took down broadcasts

American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021.

That’s it for this week! Hope everyone has a nice weekend!

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us