Alerts & Advisories
16 Aug 2021
Attackers are now actively exploiting Microsoft Exchange Servers using ProxyShell vulnerability to install backdoors for later access, which uses three chained MS vulnerabilities to perform unauthenticated, remote code execution. These chained vulnerabilities are exploited remotely through Microsoft Exchange's Client Access Service (CAS) running on port 443 in IIS.
11 Aug 2021
Researchers have identified a new Android trojan named FlyTrap, which has affected more than 10,000 victims in over 140 countries since March. It has been able to spread through social media hijacking, third-party app stores, and sideloaded applications.
11 Aug 2021
In view of the recent directive for organizations to activate their business continuity plan (BCP) protocols, most organizations are requiring employees to work from home (WFH). Remote working creates additional opportunities for cyber threat actors to perform malicious cyber activities by exploring open vulnerabilities in less secured networks, thus gaining access to users’ data or the organization's network.
4 Aug 2021
PetitPotam is a newly uncovered security flaw in the Windows operating system which can be used to attack remote Windows servers including Domain Controllers, to authenticate with a malicious destination, allowing an attacker to stage an NTLM relay attack and completely take over a Windows domain.
23 Jul 2021
MosaicLoader is a Trojan horse-style malware which is being delivered through paid ads in search results designed to lure users looking for cracked software. Links to the malware will appear at the top of search results when people search for cracked versions of popular software.
19 Jul 2021
A WhatsApp message is now making its rounds claiming that phones will get hacked if the victim answers the call and follows the instruction given. The message, believed to originate from India, informs about receiving a call from the number “912250041117” for vaccine feedback and upon pressing 1, the phone will be blocked and hacked.
4 Jul 2021
Known vulnerabilities in Windows Print Spooler service can allow a total compromise of Windows systems. The print spooler is an executable file that manages the printing process. Management of printing involves retrieving the location of the correct printer driver, loading that driver, spooling high-level function calls into a print job, scheduling the print job for printing, and so on.
29 Jun 2021
Hacking group Nobelium which has caused concern for a lot of companies all over the world due to its ongoing malicious activity and sophisticated phishing attacks, is once again targeting IT and government organizations in various countries.
25 May 2021
Irresponsible party has been spreading messages via SMS throughout the country which eventually auto add a user to an online gambling WhatsApp group once the link provided is clicked. An example of the message "Tahniah Anda Kena Random Bonus. Anda Akan Dpt Antara 20%-200%. Top Up Utk Aktifkan Bonus Anda. Click to Claim: bit.ly/xxxx. Cepat claim dalam 24 jam".
9 Apr 2021
BruCERT has recently received a number of reports on a scam called “MARISEWABANK”. The scammer contacts victims via SMS containing a WhatsApp link. Once the link is clicked, the victim would be lured into online gambling by promising a profit of 100% to 350% depending on the bank that the victim deposits their money into.
7 Apr 2021
BruCERT has received several complaints recently about a tele-survey phone scam allegedly from a company named Prolific, asking people for their personal email address purportedly to send a survey through email. However, the real purpose is to collect sensitive and personal information.
12 Mar 2021
According to a study, 91% of cyber-attacks start with an email. Scammers hack email accounts so that they can send messages from a trusted email address in hopes of getting the recipients to take action. Their main goal is to get these email contacts to send money, reveal personal information, or click on a link that installs malware, spyware, or a virus.