fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US and allies officially accuse China of Microsoft Exchange attacks

US and allies officially accuse China of Microsoft Exchange attacks

US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year’s widespread Microsoft Exchange hacking campaign.

These early 2021 cyberattacks targeted over a quarter of a million Microsoft Exchange servers, belonging to tens of thousands of organizations worldwide.

The Biden administration attributes “with a high degree of confidence that malicious cyber actors affiliated with PRC’s MSS conducted cyber espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.”

Also Read: When to Appoint a Data Protection Officer

“In some cases, we are aware that PRC government-affiliated cyber operators have conducted ransomware operations against private companies that have included ransom demands of millions of dollars,” the White House added.

“The attack on Microsoft Exchange software was highly likely to enable large-scale espionage, including acquiring personally identifiable information and intellectual property,” the UK National Cyber Security Centre (NCSC) also said today.

“The National Cyber Security Centre – which is a part of GCHQ – assessed that it was highly likely that a group known as HAFNIUM, which is associated with the Chinese state, was responsible for the activity.”

The UK added that the Chinese Ministry of State Security (MSS) is also behind Chinese state-backed hacking groups tracked as APT40 and APT31.

The NSA, CISA, and FBI also issued a joint advisory containing more than 50 tactics, techniques, and procedures (TTPs) that Chinese state-sponsored cyber actors have used in attacks targeting the US and allied networks.

CISA and the FBI also published indicators of compromise and TTPs to help organizations detect and remediate APT40 intrusions and established footholds within their networks.

The US Department of Justice also announced criminal charges against four MSS hackers (indictment here) regarding activities part of a multi-year campaign targeting governments around the world and organizations from critical sectors.

“The attack on Microsoft Exchange servers is another serious example of a malicious act by Chinese state-backed actors in cyberspace,” the EU and its Member States added in a separate statement issued today.

“This kind of behavior is completely unacceptable, and alongside our partners we will not hesitate to call it out when we see it.”

APT40 operatives indicted by US DOJ
APT40 operatives indicted by US DOJ

Abused to deploy ransomware and cryptominers

In early March 2021, Microsoft disclosed four zero-days actively being exploited in attacks targeting on-premises Microsoft Exchange servers.

The vulnerabilities (collectively known as ProxyLogon) were exploited in indiscriminate attacks against organizations from multiple industry sectors worldwide, with the end goal of stealing sensitive information.

Threat actors behind ProxyLogon attacker have been observed while deploying web shellscryptomining malware, as well as DearCry and Black Kingdom ransomware payloads on compromised Exchange servers.

After Microsoft disclosed the attacks, Slovak internet security firm ESET discovered at least ten APT groups targeting vulnerable Exchange servers.

Microsoft said at the time that the Chinese state-sponsored hacking group known as Hafnium is behind these attacks.

“Historically, Hafnium primarily targets entities in the United States for the purpose of exfiltrating information from a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks and NGOs,” Microsoft said.

“While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States.”

Also Read: 4 Things to Know When Installing CCTVs Legally

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us