fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Wasabi Cloud Storage Service Knocked Offline For Hosting Malware

Wasabi Cloud Storage Service Knocked Offline For Hosting Malware

Source: Wasabi.com

Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware.

Wasabi is a cloud storage provider that competes with solutions like Amazon S3 by offering significantly cheaper services, not charging egress or API fees, and promising a 99.999999999% data durability.

Yesterday, at approximately 2:30 PM EST, Wasabi users suddenly found that they could no longer access their storage buckets [123] hosted on the wasabisys.com domain.

Wasabi acknowledged the issue in an outage report stating that DNS resolutions were causing “degraded performance.”

“We are currently investigating reports of issues resolving some endpoints including s3.eu-central-1.wasabisys.com s3.us-west-1.wasabisys.com and s3.wasabisys.com. We are investigating to try to determine the source of the issue. We will update this page as soon as we have more details,” Wasabi stated in the status report.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

According to the status report, their domain registrar attempted to contact Wasabi about malicious content hosted on the wasabisys.com domain. When sending the abuse report, the registrar forwarded it to the wrong email, and Wasabi was never notified.

This mishap led to the registrar suspending the domain, effectively knocking the storage service offline as almost all of their storage buckets utilize the wasabisys.com domain.

After learning of the abuse report, Wasabi suspended the client hosting the malicious content and asked the registrar to reactivate the domain. The domain’s reinstatement took thirteen hours to complete, with it finally being restored today, at 12:57 PM EST.

“Upon learning of the malicious content report, Wasabi did immediately suspend the associated customer account for terms of service violations. We also contacted the domain name registrar as soon as we identified the problem. However, despite our escalation attempts, it took over 13 hours for them to reactivate the wasabisys.com domain,” Wasabi stated.

Threat actors are known to abuse legitimate cloud hosting services to host malware, and Wasabi is no exception. It is unknown what malicious content, or potentially false positives, triggered the domain’s suspension.

BleepingComputer reached out to Wasabi earlier today with questions about the outage but never received a reply.

Also Read: Limiting Location Data Exposure: 8 Best Practices

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us