Skip to main content

Alerts and Advisories

BIBD phishing COVID-19 relief fund

9 Nov 2021

BruCERT has received reports of a phishing email which claims to be from "BIBD Bank Darussalam Brunei" offering a COVID-19 relief fund to its customers.

See more

Brunei Postal Services Dept Phishing Scam

1 Nov 2021

BruCERT has received a report of a phishing scam involving Brunei Postal Services Department. An SMS message which appears to be from "Brunei Post" informs the recipient that their package has been relocated to a post office branch due to unpaid postage fees. The message includes a shortened link which will redirect the user to a fake website post-bn.com where they will be asked to enter their full name and credit card details.

See more

School Website Compromised with Trojan in Phishing Attack

23 Sep 2021

BruCERT has received a report of a phishing website which claims to be St Andrew's School Brunei. The link which appears as https://saintandrew.edu.bn/wp-content/plugins/wp-embed- uses a common WordPress vulnerability which has been tested and found that it is able to run malicious activities in the system background.

See more

Fake COVID-19 Relief Fund

18 Sep 2021

BruCERT has received reports of scam text messages shared via WhatsApp, offering a COVID-19 relief fund from the government. The message includes a malicious link which appears as http://bit.ly/COVID19_SUPPORT-FUND

See more

Critical security update for Apple devices

17 Sep 2021

Apple has released security updates for iPhones, iPads, Apple Watches and Mac computers to address vulnerabilities (CVE-2021-30860 and CVE-2021-30858) that were being exploited by Pegasus spyware. The bug allowed for a "zero-click" install of the spyware which is capable of stealing data, passwords, and activating a phone's microphone or camera.

See more

Extortion scheme

24 Aug 2021

An extortion scam is being spread through spam emails, claiming to have hacked users by utilizing a 'zero-click' vulnerability to install Pegasus spyware software on their phone.

See more

Extortion scam utilizing Pegasus spyware

24 Aug 2021

An extortion scam is being spread through spam emails, claiming to have hacked users by utilizing a 'zeroclick' vulnerability to install Pegasus spyware software on their phone.

See more

Fake Fast Food Delivery Website

18 Aug 2021

Due to the challenging pandemic situation in Brunei Darussalam where the population is advised to stay at home, cybercriminals are taking the opportunity to phish sensitive and confidential information by creating a fake websites for well known fast food chains.

See more

Microsoft Exchange Server Vulnerability 'ProxyShell'

16 Aug 2021

Attackers are now actively exploiting Microsoft Exchange Servers using ProxyShell vulnerability to install backdoors for later access, which uses three chained MS vulnerabilities to perform unauthenticated, remote code execution. These chained vulnerabilities are exploited remotely through Microsoft Exchange's Client Access Service (CAS) running on port 443 in IIS.

See more

Android Trojan 'FlyTrap'

11 Aug 2021

Researchers have identified a new Android trojan named FlyTrap, which has affected more than 10,000 victims in over 140 countries since March. It has been able to spread through social media hijacking, third-party app stores, and sideloaded applications.

See more

Staying Cyber Safe When Working From Home

11 Aug 2021

In view of the recent directive for organizations to activate their business continuity plan (BCP) protocols, most organizations are requiring employees to work from home (WFH). Remote working creates additional opportunities for cyber threat actors to perform malicious cyber activities by exploring open vulnerabilities in less secured networks, thus gaining access to users’ data or the organization's network.

See more

Petitpotam Attack

4 Aug 2021

PetitPotam is a newly uncovered security flaw in the Windows operating system which can be used to attack remote Windows servers including Domain Controllers, to authenticate with a malicious destination, allowing an attacker to stage an NTLM relay attack and completely take over a Windows domain.

See more