Pantropic Newsletter #28

Posted April 10, 2024

by Sarah


Pantropic Newsletter #28 (January 2024)

Microsoft Teams hit by second outage in three days


Microsoft Teams, a critical tool for many businesses, stumbled again with connectivity issues and message delays plaguing users across North and South America, just days after a global outage. While localized, this repeat disruption underscores the vulnerability of cloud services, even for tech giants. Businesses in Asia, particularly reliant on the same or similar tools, should stay vigilant, consider redundancy measures to protect against potential communication breakdowns and ensure their data and service are protected.

(Source: Bleeping Computer)


Multi-factor authentication suffers from three major weaknesses


Despite its reputation, not all multi-factor authentication (MFA) are created equal. While traditional OTPs and Push 2FA add layers, they’re still vulnerable to phishing and session cookie hijacking. This exposes businesses to cyber threats like AiTM (Adversary-in-the-Middle) attacks, as seen in the Okta breach. The next generation of truly phish-proof MFA tackles these weaknesses by eliminating susceptible factors and embracing Zero Trust principles. Time to leave outdated MFA relics behind and embrace solutions that safeguard your entire identity, not just logins.

(Source: Tech Radar)


TeamViewer abused to breach networks in new ransomware attacks


Cybercriminals are exploiting the trusted remote access tool TeamViewer to infiltrate organizations and deploy LockBit ransomware. This resurgence exposes the hidden dangers lurking within seemingly harmless software. Hackers leverage weak security settings or stolen credentials to gain access, then unleash malicious payloads disguised as ordinary files. To combat this threat, organizations must tighten security around remote access tools, monitor activity closely, and never let their guard down.

(Source: Bleeping Computer)


RE&S latest Singapore-listed company to be hit by spate of ransomware attacks


Singapore’s business landscape has been tarnished by a recent wave of cyberattacks, with RE&S Holdings becoming the third listed company to fall victim to ransomware in just two weeks. This string of incidents serves as a stark reminder that no organization is immune, regardless of industry or size. The threat is not a matter of “if,” but “when,” and waiting for disaster to strike is not an option. Proactive measures and comprehensive cybersecurity solutions with expert guidance are crucial. Call us for a no-obligation consultation to assess your vulnerabilities and tailor a plan that fits your needs.

(Source: The Edge Singapore)


VMware confirms critical vCenter flaw now exploited in attacks


A patched vulnerability in VMware vCenter Server (CVE-2023-34048) is under active attack, exposing organizations to remote code execution threats. This critical flaw, discovered by Trend Micro, requires immediate patching for vulnerable servers. Leaving it unpatched puts your entire vSphere environment at risk, potentially allowing attackers to infiltrate and deploy ransomware. Network access brokers actively sell compromised VMware servers to ransomware gangs, highlighting the gravity of this exploit.

(Source: Bleeping Computer)


Backup and Data Security Solutions


This “white glove” managed service is the next generation secure offsite backup you need right now. We monitor your backups daily, help you troubleshoot any problems, and can assist you with restorations when you need it. Our Data Security Module can perform bi-directional anti-malware scans, content disarm and reconstruction (CDR), and protect your backups with biometric Deep MFA and multi-person workflow, crucial in stopping stolen credential attacks.


Leading desktop and laptop backup solution providing automated and continuous data backup protection with unlimited capacity backup licensing and flexible deployment options. Ensures fast and complete backup and recovery anytime, anywhere.


A next-generation endpoint protection platform using AI and machine learning to effectively stop breaches including true NGAV, endpoint detection and response (EDR), threat intelligence management and automation.


World’s largest security awareness training platform with simulated phishing attacks, educating and empowering employees to strengthen IT security against cybercriminals.


Copyright © 2024 Pantropic Online Pte Ltd. All rights reserved.