Cybersecurity News in Asia

Features
- Featured
  
  Bridging the data science talent gap for national cyber defenses: Urgent action needed
  
  Monday, April 29, 2024, 10:16 AM Asia/Singapore | Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
News
- Featured
  
  Understanding the “multiplier effect” of digital fraud in the region
  
  Thursday, May 2, 2024, 2:05 PM Asia/Singapore | News, Newsletter
- Featured
  
  Cyber resilience requires leaders that manage risk with full organizational support: report
  
  Thursday, May 2, 2024, 10:11 AM Asia/Singapore | News, Newsletter
- Featured
  
  Sophisticated China-linked DNS threat actor exposed
  
  Thursday, May 2, 2024, 9:03 AM Asia/Singapore | News, Newsletter
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

Maze ransomware strikes tech giant Canon

By CybersecAsia editors and webmaster webmaster | Tuesday, August 11, 2020, 9:58 AM Asia/Singapore

A nasty group that has hit even a US nuclear missile contractor has just disrupted the global technology innovator’s operations

Technology giant Canon has been hit by Maze ransomware, suffering an outage impacting users of the image.canon photo storage site. There are unconfirmed reports that the ransomware attack involved the theft of 10TBs of data across multiple services.

A report lists a total of 24 Canon domains that appear to have been impacted, including canonhelp.com, which showed an internal server error message when accessed. Canon had apparently issued a company-wide notification from the IT Service Center informing employees that there are “widespread system issues” affecting applications and emails—amongst other corporate services.

According to John Shier, Senior Security Advisor, Sophos, the ransomware attack on Canon is yet another example of the Maze gang’s sustained and brazen targeting of enterprises. “Following other recent high-profile attacks, this latest salvo should be a wake-up call to all the enterprises that have not (reassessed) their security posture and bolstered their defenses against these pernicious adversaries.”

A Maze hiding in plain sight

Shier said that many of these attacks start by exploiting external services or via simple phishing campaigns. The successful campaigns will often be followed by living-off-the-land techniques, abusing over-privileged and under-protected accounts, and hiding in plain sight. “Enterprises must take the time to ensure they’ve built a strong security foundation (e.g. principle of least privilege, multi-factor authentication everywhere, patching, user training, etc.), which includes investment in both prevention and detection technologies today if they don’t want to be a victim tomorrow.”

SophosLabs has studied the Maze group—notoriously known for double extortion threats:

Pay up to get the decryption key to recover your precious files that have been scrambled
Pay to stop us releasing your precious data that could harm your business

For organizations alarmed by the Maze exploits, their other stealthy tactics, techniques and procedures are worth a look.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Securing Industry 4.0
The world is advancing to Industry 4.0 in full swing, and this is a key …Download Whitepaper
Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

Bridging the data science talent gap for national cyber defenses: Urgent action needed

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

Understanding the “multiplier effect” of digital fraud in the region

Featured

Cyber resilience requires leaders that manage risk with full organizational support: report

Featured

Sophisticated China-linked DNS threat actor exposed

Maze ransomware strikes tech giant Canon

A Maze hiding in plain sight

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar