Alerts & Advisories
11 Nov 2023
Members of the public have reported receiving suspicious calls from a foreign telephone number (e.g. +92++++++) impersonating a local telco. The caller speaks with a foreign accent and claims that the telco customer’s account has expired. Such calls are suspected to be attempts to phish personal details such as full name, identity card number, telco account details and other Personally Identifiable Information (PII).
10 Nov 2023
An Instagram account named hal_ehwal_dalam_negeri is impersonating the Ministry of Home Affairs (MOHA) of Brunei Darussalam, claiming to offer free assistance (Bantuan Percuma) from the government, in the form of job opportunities, health insurance, business capital and education funding.
1 Nov 2023
A Proof-of-Concept (PoC) exploit has been published for a Microsoft Exchange Server vulnerability, identified as CVE-2023-36745, which can allow remote attackers to execute code.
23 Oct 2023
BruCERT has received reports of a new phishing scam involving the Brunei Postal Services Department. A message which appears to be from “Brunei Postal Services” claims that there is a parcel which cannot be delivered to the recipient due to incomplete address information. The message includes a link that requires the recipient to confirm their address.
17 Oct 2023
Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability (CVE-2023-20269) in the VPN feature of Cisco’s Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software to gain access to corporate networks.
17 Oct 2023
Akira is a ransomware group which was first observed in March 2023. Akira ransomware actors typically gain access to victims’ devices by using compromised credentials. Its operators use multi-extortion tactics, stealing victims’ critical data and encrypting devices and files before demanding outrageous ransom payments. Victims who fail to comply with their demands will be listed on their TOR-based website along with the stolen data.
12 Oct 2023
cURL, powered by libcurl, is a popular command-line tool for transferring data specified with URL syntax. It supports a wide range of protocols such as FTP(S), HTTP(S), IMAP(S), LDAP(S), MQTT, POP3, RTMP(S), SCP, SFTP, SMB(S), SMTP(S), TELNET, WS, and WSS. Almost every single internet-connected device uses cURL or libcurl (directly or indirectly). This includes almost all Linux-based and other operating systems, servers, printers, Android devices, cars, smart devices, all IoT devices, etc.
11 Sep 2023
Apple has released security updates for iOS, macOS, iPadOS and watchOS to fix two zero-day vulnerabilities which have been exploited in the wild to compromise Apple products without any interaction from the victim. The exploit allows attackers to target victims with NSO Group’s Pegasus spyware.
16 Jul 2023
Apple users are strongly advised to install an urgent Rapid Security Response (RSR) update to address a vulnerability that impacts fully patched iPhones, Macs, and iPads. The RSR patches include updates for the latest versions of macOS, iOS, iPadOS, and Safari.
9 Mar 2023
Organizations in critical infrastructure sectors including communications, education, public healthcare, and manufacturing are facing an increasing threat from attacks involving Royal ransomware.
6 Feb 2023
A new wave of ransomware attacks targeting VMware ESXi hypervisors is exploiting a known vulnerability, CVE-2021-21974, on unpatched systems. The issue is an Open Service Location Protocol (OpenSLP) heap-overflow vulnerability that can lead to remote code execution.
27 Jan 2023
Fortinet has issued a warning on a vulnerability affecting several versions of Fortinet FortiOS used in its FortiGate secure socket layer virtual private network (SSL VPN) and firewall products. The security flaw is tracked as CVE-2022-42475, which is rated Critical and assigned a CVSS score of 9.3 out of 10. The attacks are said to be complex and highly targeted at “governmental or government-related targets.” FortiOS is a network security operating system developed by Fortinet, Inc., which provides a comprehensive set of networking and security features for organizations across all industries.