Skip to main content

Alerts and Advisories

Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

6 Feb 2023

A new wave of ransomware attacks targeting VMware ESXi hypervisors are exploiting a known vulnerability CVE-2021-21974 on unpatched systems. The issue is an Open Service Location Protocol (OpenSLP) heap-overflow vulnerability that can lead to remote code execution.

See more

Critical Vulnerability in FortiOS SSL-VPN Targeting Governments

27 Jan 2023

Fortinet has issued a warning on a vulnerability affecting several versions of Fortinet FortiOS used in its FortiGate secure socket layer virtual private network (SSL VPN) and firewall products. The security flaw is tracked as CVE-2022-42475 which is rated Critical and assigned a CVSS score of 9.3 out of 10. The attacks are said to be complex and highly targeted at “governmental or government-related targets.” FortiOS is a network security operating system developed by Fortinet, Inc which provides a comprehensive set of networking and security features for organizations across all industries.

See more

End-of-Life Cisco Business Routers Vulnerable to Remote Attacks

25 Jan 2023

Cisco has warned of two security vulnerabilities affecting Small Business Routers which have reached end-of-life (EoL). Both vulnerabilities could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device.

See more

Spike in Telegram Hijacking in Brunei

19 Jan 2023

Telegram takeover involving a money transfer scam has been active in Brunei Darussalam since last year and a recent spike in this scam has been reported to BruCERT in the past month. This is a worrying trend as a growing number of individuals have fallen victim and transferred funds ranging from $200 to $1,000 to the scammers. It is suspected that the number of unreported cases is much higher. The scam is initiated by hijacking a user’s Telegram account, then using the compromised account to request for money from people in the user’s contact list.

See more

Dridex Malware Targeting MacOS

10 Jan 2023

Dridex, also known as Bugat and Cridex, is a banking malware that steals sensitive data from infected machines, and also deliver and execute malicious modules. Previously targeting Windows computers, it is now targeting Macs to spread by using email attachments that look like regular documents.

See more

Securing your WhatsApp account

30 Nov 2022

WhatsApp is one of the most common communication methods used in our country. Therefore, it is of utmost importance to take precautionary measures to secure your account. Compromised WhatsApp accounts may lead to risks such as data leakage and identity theft, among others.

See more

Local Bank Phone Scam

10 Nov 2022

BruCERT has received several reports of a phone scam impersonating a local bank in an attempt to obtain sensitive information such as name, identity card number, credit card details and other personally identifiable information (PII).

See more

High Severity OpenSSL Vulnerabilities

3 Nov 2022

Two new buffer overflow vulnerabilities with the formal assignments of CVE-2022-3602 (“X.509 Email Address 4-byte Buffer Overflow”) and CVE-2022-3786 (“X.509 Email Address Variable Length Buffer Overflow”) has just been disclosed in Open SSL version 3.0.0 to 3.0.6.

See more

Group Privacy Settings for WhatsApp and Telegram

13 Oct 2022

Most instant messaging apps including WhatsApp and Telegram will allow anyone to message or add users to a group chat even if they are not in the user’s contact list.

See more

Authentication Bypass Vulnerability in Fortinet Products (CVE-2022-40684)

12 Oct 2022

Fortinet has released a critical warning of a high severity vulnerability, CVE-2022-40684, which is affecting FortiOS, FortiProxy and FortiSwitchManager.

See more

Zero Day Exchange Vulnerabilities CVE-2022-41040 and CVE-2022-41082

7 Oct 2022

Microsoft security researchers announced two new zero-day vulnerabilities, CVE-2022-41040 and CVE-2022-41082 affecting Microsoft Exchange Server.

See more

Hacked Business Instagram Account

6 Oct 2022

BruCERT has received an alarming number of reports from users whose Instagram account has been taken over, with a demand for ransom to be paid in order to regain access to their account.

See more