Alerts & Advisories

Filter By:
Ongoing Fake CVE Phishing Campaign Targeting WordPress
There are reports regarding an ongoing phishing campaign targeting WordPress. Users and administrators are advised to be vigilant towards such phishing attempts and to not click on any links in the reported email. Read the alert here.
Ongoing Fake CVE Phishing Campaign Targeting WordPress
Active Exploitation of Zero-Day Vulnerabilities in Apple WebKit
Apple has released security updates to address two zero-day vulnerabilities. The vulnerabilities are reportedly being actively exploited. Users of affected Apple's products are advised to update to the latest versions immediately
Active Exploitation of Zero-Day Vulnerabilities in Apple WebKit
Active Exploitation of Zero-Day Vulnerability in Google Chrome
Google has released security updates addressing a zero-day vulnerability (CVE-2023-6345) in Google Chrome.
Active Exploitation of Zero-Day Vulnerability in Google Chrome
Security Bulletin 29 Nov 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 29 Nov 2023
Critical Vulnerabilities in ownCloud File Sharing Application
ownCloud has released security updates to address three critical vulnerabilities in its open source file sharing software. CVE-2023-49103 and CVE-2023-49105 have a Common Vulnerability Scoring System (CVSS) score of 10 out of 10 and 9.8 out of 10 respectively.
Critical Vulnerabilities in ownCloud File Sharing Application
Active Exploitation of Critical Vulnerability in Apache ActiveMQ
Apache has released updates to address a critical vulnerability (CVE-2023-46604) in Apache ActiveMQ.
Active Exploitation of Critical Vulnerability in Apache ActiveMQ
Security Bulletin 22 Nov 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 22 Nov 2023
Critical Vulnerability in Fortinet’s FortiSIEM Product
Fortinet has released security updates to address a critical vulnerability (CVE-2023-36553) in their FortiSIEM report server.
Critical Vulnerability in Fortinet’s FortiSIEM Product
Critical Vulnerability in VMWare Cloud Director Appliance
VMWare has released security updates to address a critical vulnerability (CVE-2023-34060) in their VMware Cloud Director Appliance (VCD Appliance).
Critical Vulnerability in VMWare Cloud Director Appliance
Nov 2023 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
Nov 2023 Monthly Patch
Security Bulletin 15 Nov 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 15 Nov 2023
Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to advise the public to stay vigilant against such festive-themed malware scams and how individuals can protect themselves.
Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season
Security Bulletin 8 Nov 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 8 Nov 2023
Active Exploitation of High Severity Vulnerability in GNU C Library
Security researchers have disclosed a high severity vulnerability, known as Looney Tunables (CVE-2023-4911), in GNU C library which is commonly used in Linux kernel-based systems.
Active Exploitation of High Severity Vulnerability in GNU C Library
Critical Vulnerabilities in QNAP QTS Operating System and Applications
QNAP has released security updates to address two critical vulnerabilities (CVE-2023-23368 and CVE-2023-23369) that impact multiple versions of the QTS Operating System (OS) and applications on its network-attached storage (NAS) devices.
Critical Vulnerabilities in QNAP QTS Operating System and Applications
Critical Vulnerabilities in Veeam ONE
Veeam has released security updates to address two critical vulnerabilities (CVE-2023-38547 and CVE-2023-38548) in their Veeam ONE platform, an IT infrastructure monitoring and analytics platform.
Critical Vulnerabilities in Veeam ONE
Critical Vulnerability in F5's BIG-IP Traffic Management User Interface (TMUI)
F5 has released security updates to address a critical vulnerability (CVE-2023-46747) in their BIG-IP Traffic Management User Interface (TMUI).
Critical Vulnerability in F5's BIG-IP Traffic Management User Interface (TMUI)
Critical Vulnerability in Atlassian Confluence Data Center and Server
Atlassian has released security updates to address a critical vulnerability (CVE-2023-22518) in their Confluence Data Center and Server products.
Critical Vulnerability in Atlassian Confluence Data Center and Server
Security Bulletin 1 Nov 2023
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 1 Nov 2023
Common Cybersecurity Misconfigurations in Networks
Threat actors often target common cybersecurity misconfigurations in the networks of large organisations to gain unauthorised access, move laterally within the network and carry out various forms of cyberattacks. Addressing these common misconfigurations through proactive security measures, regular assessments, and ongoing monitoring is essential for improving network security in large organisations.
Common Cybersecurity Misconfigurations in Networks