Alerts and Advisories

Telegram Takeover

5 Aug 2022

An increasing number of local Telegram users have reported to BruCERT since April this year that their accounts had been hacked or taken over. It is suspected that the number of unreported cases could be much higher.

See more

Microsoft Ransomware Targeting OneDrive and SharePoint Files By Abusing Versioning Configurations

19 Jul 2022

A proof-of-concept exploit could give hackers access to Office 365 or Microsoft 365 documents stored on OneDrive or SharePoint and make it inaccessible to the compromised user. It involves “file versioning” which is a feature in both OneDrive and SharePoint where a document is autosaved whenever an edit is made.

See more

Microsoft Support Diagnostic Tool Vulnerability

6 Jun 2022

A remote code execution (RCE) vulnerability CVE-2022-30190, known as "Follina", is affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.

See more