Skip to main content

Alerts and Advisories

Microsoft Exchange Server Vulnerability 'ProxyShell'

16 Aug 2021

Attackers are now actively exploiting Microsoft Exchange Servers using ProxyShell vulnerability to install backdoors for later access, which uses three chained MS vulnerabilities to perform unauthenticated, remote code execution. These chained vulnerabilities are exploited remotely through Microsoft Exchange's Client Access Service (CAS) running on port 443 in IIS.

See more

Android Trojan 'FlyTrap'

11 Aug 2021

Researchers have identified a new Android trojan named FlyTrap, which has affected more than 10,000 victims in over 140 countries since March. It has been able to spread through social media hijacking, third-party app stores, and sideloaded applications.

See more

Staying Cyber Safe When Working From Home

11 Aug 2021

In view of the recent directive for organizations to activate their business continuity plan (BCP) protocols, most organizations are requiring employees to work from home (WFH). Remote working creates additional opportunities for cyber threat actors to perform malicious cyber activities by exploring open vulnerabilities in less secured networks, thus gaining access to users’ data or the organization's network.

See more

Petitpotam Attack

4 Aug 2021

PetitPotam is a newly uncovered security flaw in the Windows operating system which can be used to attack remote Windows servers including Domain Controllers, to authenticate with a malicious destination, allowing an attacker to stage an NTLM relay attack and completely take over a Windows domain.

See more

MosaicLoader malware distributed via ads in search results

23 Jul 2021

MosaicLoader is a Trojan horse-style malware which is being delivered through paid ads in search results designed to lure users looking for cracked software. Links to the malware will appear at the top of search results when people search for cracked versions of popular software.

See more

HOAX ALERT: Vaccine Feedback Call WhatsApp Message

19 Jul 2021

A WhatsApp message is now making its rounds claiming that phones will get hacked if the victim answers the call and follows the instruction given. The message, believed to originate from India, informs about receiving a call from the number “912250041117” for vaccine feedback and upon pressing 1, the phone will be blocked and hacked.

See more

PrintNightmare Bug

4 Jul 2021

Known vulnerabilities in Windows Print Spooler service can allow a total compromise of Windows systems. The print spooler is an executable file that manages the printing process. Management of printing involves retrieving the location of the correct printer driver, loading that driver, spooling high-level function calls into a print job, scheduling the print job for printing, and so on.

See more

Nobelium cyberattacks targeting IT and government organizations

29 Jun 2021

Hacking group Nobelium which has caused concern for a lot of companies all over the world due to its ongoing malicious activity and sophisticated phishing attacks, is once again targeting IT and government organizations in various countries.

See more

Online Gambling Scam Messages

25 May 2021

Irresponsible party has been spreading messages via SMS throughout the country which eventually auto add a user to an online gambling WhatsApp group once the link provided is clicked. An example of the message "Tahniah Anda Kena Random Bonus. Anda Akan Dpt Antara 20%-200%. Top Up Utk Aktifkan Bonus Anda. Click to Claim: Cepat claim dalam 24 jam".

See more

“MariSewaBank” Scam

9 Apr 2021

BruCERT has recently received a number of reports on a scam called “MARISEWABANK”. The scammer contacts victims via SMS containing a WhatsApp link. Once the link is clicked, the victim would be lured into online gambling by promising a profit of 100% to 350% depending on the bank that the victim deposits their money into.

See more

Tele-survey Scam

7 Apr 2021

BruCERT has received several complaints recently about a tele-survey phone scam allegedly from a company named Prolific, asking people for their personal email address purportedly to send a survey through email. However, the real purpose is to collect sensitive and personal information.

See more

Hacked Email Account: What to do and how to prevent it

12 Mar 2021

According to a study, 91% of cyber-attacks start with an email. Scammers hack email accounts so that they can send messages from a trusted email address in hopes of getting the recipients to take action. Their main goal is to get these email contacts to send money, reveal personal information, or click on a link that installs malware, spyware, or a virus.

See more