fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Govt Warns of Increased Ransomware Risks During Holidays

US Govt Warns of Increased Ransomware Risks During Holidays

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season.

The two federal agencies’ warning was issued in the form of a joint advisory published Monday, “based on observations on the timing of high impact ransomware attacks that have occurred previously rather than a reaction to specific threat reporting.”

As previously observed, threat actors have often taken advantage of a decrease in readiness to respond to cybersecurity attacks during weekends and holidays to attempt breaches of critical networks and systems belonging to public and private sector orgs.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

The two agencies also provide a list of mitigations, including the need to set up an IT security team ready to react to ransomware attacks even outside regular office hours.

Other best practices outlined in the joint alert include:

  • Implement multi-factor authentication for remote access and administrative accounts
  • Mandate strong passwords and ensure they are not reused across multiple accounts
  • If you use remote desktop protocol (RDP) or other potentially risky services, ensure it is secure and monitored      
  • Remind employees not to click on suspicious links, and conduct exercises to raise awareness
  • Review and, if needed, update incident response and communication plans that list actions an organization will take if impacted by a ransomware incident

“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” said CISA Director Jen Easterly. “We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”

“The FBI is dedicated to combatting cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” added FBI Cyber Assistant Director Bryan Vorndran. 

Today’s warning follows a very similar one issued at the end of August, ahead of the Labor Day weekend, after noticing that highly impactful ransomware attacks commonly hit US organizations when offices are typically closed.

“CISA offers a range of no-cost cyber hygiene services—including vulnerability scanning and ransomware readiness assessments—to help critical infrastructure organizations assess, identify, and reduce their exposure to cyber threats,” the agencies added at the time.

Also Read: 5 Common Sections in an Agreement Form Example

“By taking advantage of these services, organizations of any size will receive recommendations on ways to reduce their risk and mitigate attack vectors.”

Last month, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) had also revealed the scale of financial losses suffered by ransomware targets in the previous few years by linking almost $5.2 billion in outgoing BTC transactions to paid ransoms.

inCEN’s report came on the heels of governments worldwide saying in mid-October that they will crackdown on cryptocurrency payment channels used by ransomware gangs.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us