Pantropic Newsletter #23

Posted December 28, 2023

by Sarah



Pantropic Newsletter #23 (August 2023)

ShopBack fined S$74,400 over leak of more than 1.4 million customers’ personal data


ShopBack faced a hefty fine after a data breach exposed details of about 1.45 million users, including email addresses, bank account numbers, and partial credit card information. The company took immediate action, implementing security measures and engaging forensic experts. The Personal Data Protection Commission (PDPC) highlighted ShopBack’s inadequate AWS key management processes. ShopBack has since enhanced its security protocols.

(Source: Channel News Asia)


Microsoft OneDrive could pose a serious security threat to your business


Microsoft OneDrive’s app on Windows devices might pose a significant security risk. Research presented at the Black Hat conference revealed that hackers could exploit the cloud storage platform for ransomware attacks. The vulnerability lies in OneDrive’s app storing user logs that contain session tokens, potentially granting unauthorized access to local files.

(Source: Tech Radar)


Billions of Intel CPUs are leaking passwords and killing performance


A concerning vulnerability named “Downfall” has been identified in several Intel processors. Discovered by Google’s Daniel Moghimi, this flaw could allow hackers to access sensitive data, including passwords. While Intel has released a fix, it comes with a significant performance drop, affecting billions of chips.

(Source: Digital Trends)


Cloud hosting company customers lose all their data following ransomware attack


CloudNordic and Azero, two cloud hosting companies owned by Certiqa Holding, suffered a ransomware attack, resulting in a total data loss for their customers. The attackers encrypted all servers and backups, making data recovery impossible. The breach may have occurred during a server migration process.

(Source: Tech Radar)


Nearly 1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack


The Cl0p ransomware group’s MOVEit campaign has affected nearly 1,000 organizations and 60 million individuals. This includes both direct and indirect victims. Notable entities like Maximus, UCLA, and Siemens Energy were among the impacted. The cybercriminals have begun leaking data from non-compliant victims, with most affected organizations based in the U.S.

(Source: SecurityWeek)


ATEGO Enterprise – Deep MFA Protection


Hackers with stolen credentials will try delete you backups or shorten retention periods from days to hours. By requiring multi-factor authentication and workflow to enable crucial tasks like modifying the retention duration, ATEGO Enterprise with Deep MFA can foil their attempts.


Backup and Data Security Solutions


This “white glove” managed service is the next generation secure offsite backup you need right now. We monitor your backups daily, help you troubleshoot any problems, and can assist you with restorations when you need it. Our Data Security Module can perform bi-directional anti-malware scans, content disarm and reconstruction (CDR), and protect your backups with biometric Deep MFA and multi-person workflow, crucial in stopping stolen credential attacks.


Leading desktop and laptop backup solution providing automated and continuous data backup protection with unlimited capacity backup licensing and flexible deployment options. Ensures fast and complete backup and recovery anytime, anywhere.


A next-generation endpoint protection platform using AI and machine learning to effectively stop breaches including true NGAV, endpoint detection and response (EDR), threat intelligence management and automation.


World’s largest security awareness training platform with simulated phishing attacks, educating and empowering employees to strengthen IT security against cybercriminals.


Copyright © 2023 Pantropic Online Pte Ltd. All rights reserved.