fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google: Chinese State Hackers Keep Targeting Russian Govt Agencies

Google: Chinese State Hackers Keep Targeting Russian Govt Agencies

Google said today that a Chinese-sponsored hacking group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF) is targeting Russian government agencies.

The company’s Threat Analysis Group (TAG), a team of security experts that acts as a defense force for Google users from state-sponsored attacks, added in a report focused on Eastern Europe cyber activity that the APT group has also successfully breached several Russian companies. 

As revealed in previous Google TAG reports, this threat actor has been targeting government and military organizations from Russia, as well as those of other countries in the region like Ukraine, Kazakhstan, and Mongolia.

“In Russia, long running campaigns against multiple government organizations have continued, including the Ministry of Foreign Affairs,” Google TAG Security Engineer Billy Leonard said.

Also Read: 5 Simple Instructions on How to Access Request Form PDF

“Over the past week, TAG identified additional compromises impacting multiple Russian defense contractors and manufacturers and a Russian logistics company.”

Mustang Panda, another Chinese-backed state actor, was recently observed by cybersecurity company Secureworks targeting “officials or military personnel familiar with the region.”

Today’s report follows another one published in late March that revealed extensive phishing attacks coordinated by Russian-based threat groups against NATO and the European military.

Another report from early March about malicious activity linked to the Russian war in Ukraine exposed Russian, Chinese, and Belarus government hackers’ ongoing efforts to compromise Ukrainian and European organizations and officials.

Backdrop dominated by cyberattacks against Ukraine

Today, Leonard said that state-sponsored threat actors from China, Iran, North Korea, and Russia are still actively targeting critical infrastructure, including oil and gas, telecommunications, and manufacturing.

Google saw the Russian-backed APT28 and Turla hacking groups running credential phishing campaigns and attacks against defense and cybersecurity organizations. 

Another Russian APT group tracked as Coldriver (aka Callisto) uses Gmail accounts to deliver phishing emails targeting government and defense officials, NGOs, think tanks, and journalists.

Their attacks have been blocked so far by Google’s Safe Browsing service after their phishing domains were identified and tagged as malicious.

Ghostwriter, a Belarusian-backed threat actor, is also attempting to steal credentials from “high risk individuals in Ukraine” in phishing campaigns targeting their Gmail accounts.

Also Read: Unsolicited Electronic Messages Act Means for Businesses

“There were no accounts compromised from this campaign and Google will alert all targeted users of these attempts through our monthly government-backed attacker warnings,” Leonard added.

On Wednesday, Microsoft also revealed the true scale of Russia’s cyberattacks against Ukraine, with multiple Russian threat groups linked to the GRU, SVR, and FSB Russian intelligence services targeting the country’s infrastructure and citizens.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us