BruCERT - Alerts & Advisories

Infographic Advisory on Phone Scam Impersonating Local Telco

admin — Mon, 13 Nov 2023 03:10:46 +0000

Infographic Advisory on Phone Scam Impersonating Local Telco admin 13 Nov 2023

Read more about Infographic Advisory on Phone Scam Impersonating Local Telco

Fake Message Impersonating Ministry of Culture Youth and Sports (MCYS)

admin — Wed, 01 Nov 2023 00:59:15 +0000

Fake Message Impersonating Ministry of Culture Youth and Sports (MCYS) admin 01 Nov 2023

Read more about Fake Message Impersonating Ministry of Culture Youth and Sports (MCYS)

Akira Ransomware

admin — Thu, 19 Oct 2023 00:50:55 +0000

Akira Ransomware admin 19 Oct 2023

Read more about Akira Ransomware

BACKGROUND

Akira is a ransomware group which was first observed in March 2023. Akira ransomware actors typically gain access to victims’ devices by using compromised credentials. Its operators use multi-extortion tactics, steal victims’ critical data and encrypts devices and files before demanding outrageous ransom payments. Victims who fail to comply with their demands will be listed on their TOR-based website along with the stolen data.

Ransomware Exploiting Zero-Day Vulnerability in Cisco ASA and FTD Software

admin — Tue, 17 Oct 2023 03:26:03 +0000

Ransomware Exploiting Zero-Day Vulnerability in Cisco ASA and FTD Software admin 17 Oct 2023

Read more about Ransomware Exploiting Zero-Day Vulnerability in Cisco ASA and FTD Software

BACKGROUND

Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability (CVE-2023-20269) in the VPN feature of Cisco’s Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software, to gain access to corporate networks.

Apple Security Update Fixes Vulnerabilities Linked To Pegasus Spyware

admin — Tue, 12 Sep 2023 07:27:45 +0000

Apple Security Update Fixes Vulnerabilities Linked To Pegasus Spyware admin 12 Sep 2023

Read more about Apple Security Update Fixes Vulnerabilities Linked To Pegasus Spyware

BACKGROUND

Apple has released security updates for iOS, macOS, iPadOS and watchOS to fix two zero-day vulnerabilities which have been exploited in the wild to compromise Apple products without any interaction from the victim. The exploit allows attackers to target victims with NSO Group’s Pegasus Spyware, without any interaction from the targeted user.

The two known vulnerabilities are tracked as CVE-2023-41064 and CVE-2023-41061.

IMPACT

URGENT UPDATE FOR APPLE DEVICES TO ADDRESS ZERO-DAY BUG

admin — Mon, 17 Jul 2023 01:31:15 +0000

URGENT UPDATE FOR APPLE DEVICES TO ADDRESS ZERO-DAY BUG admin 17 Jul 2023

Read more about URGENT UPDATE FOR APPLE DEVICES TO ADDRESS ZERO-DAY BUG

BACKGROUND

Apple users are strongly advised to install an urgent Rapid Security Response (RSR) update to address
a vulnerability that impacts fully patched iPhones, Macs, and iPads. The RSR patches includes updates
for the latest versions of macOS, iOS, iPadOS, and Safari.

IMPACT

Critical Vulnerability in FortiOS SSL-VPN Targeting Governments

admin — Mon, 30 Jan 2023 03:10:07 +0000

Critical Vulnerability in FortiOS SSL-VPN Targeting Governments admin 30 Jan 2023

Read more about Critical Vulnerability in FortiOS SSL-VPN Targeting Governments

BACKGROUND

Fortinet has issued a warning on a vulnerability affecting several versions of Fortinet FortiOS used in its FortiGate secure socket layer virtual private network (SSL VPN) and firewall products. The security flaw is tracked as CVE-2022-42475 which is rated Critical and assigned a CVSS score of 9.3
out of 10. The attacks are said to be complex and highly targeted at “governmental or government-related targets.”

[TLP:WHITE] Alert On Spike In Telegram Hijacking In Brunei

admin — Thu, 19 Jan 2023 03:05:44 +0000

[TLP:WHITE] Alert On Spike In Telegram Hijacking In Brunei admin 19 Jan 2023

Read more about [TLP:WHITE] Alert On Spike In Telegram Hijacking In Brunei

Dridex Malware Targeting MacOS

admin — Tue, 17 Jan 2023 01:41:26 +0000

Dridex Malware Targeting MacOS admin 17 Jan 2023

Read more about Dridex Malware Targeting MacOS

BACKGROUND

Dridex, also known as Bugat and Cridex, is a banking malware that steals sensitive data from infected machines, and also deliver and execute malicious modules. Previously targeting Windows computers, it is now targeting Macs to spread by using email attachments that look like regular documents.

MODUS OPERANDI

WhatsApp Stolen Accounts

admin — Wed, 30 Nov 2022 01:48:41 +0000

WhatsApp Stolen Accounts admin 30 Nov 2022

Read more about WhatsApp Stolen Accounts

An increasing number of local WhatsApp users have reported their accounts being hacked recently. The user would receive an SMS containing a 6-digit verification code, then someone on WhatsApp will ask for the code. Once the code is shared, the scammer will be able to login to your WhatsApp account, and you will be logged out.