Alerts & Advisories

Filter By:
Active Exploitation of Critical Vulnerability in Palo Alto Networks PAN-OS Software
Palo Alto Networks has disclosed a critical vulnerability affecting their PAN-OS software used in its GlobalProtect gateways. The vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 10.0 and is reportedly being actively exploited.
Active Exploitation of Critical Vulnerability in Palo Alto Networks PAN-OS Software
How Organisations Can Secure Their Network Attached Storage (NAS) Systems
There have been increasing instances of attackers targeting organisations' Network Attached Storage (NAS) systems. Upon gaining access, the attackers will either encrypt the files within the network by injecting malware into the compromised network, or delete data stored on the NAS system before leaving a ransom note in the system. Therefore, securing your NAS systems is crucial as it safeguards sensitive data from unauthorised access, ensuring confidentiality and integrity.
How Organisations Can Secure Their Network Attached Storage (NAS) Systems
Active Exploitation of Vulnerabilities in D-Link Products
D-Link has disclosed two vulnerabilities (CVE-2024-3272 & CVE-2024-3273) in their network-attached storage (NAS) devices.
Active Exploitation of Vulnerabilities in D-Link Products
Critical Vulnerability in Rust Standard Library
Rust has released an update to address a critical vulnerability (CVE-2024-24576) affecting the Rust standard library.
Critical Vulnerability in Rust Standard Library
Security Bulletin 11 Apr 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 11 Apr 2024
Apr 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
Apr 2024 Monthly Patch
Multiple Vulnerabilities in HTTP/2 Protocol
A security researcher has disclosed a new Denial-of-Service (DoS) attack method which exploits HTTP/2 protocols affected by a class of vulnerabilities, codenamed HTTP/2 CONTINUATION Flood.
Multiple Vulnerabilities in HTTP/2 Protocol
Joint Advisory On Ransom Incidents Involving Network Attached Storage (NAS) Systems
The Singapore Police Force (SPF), Personal Data Protection Commission (PDPC) and CSA have issued a joint advisory on ransom incidents involving Network Attached Storage (NAS) systems, detailing the Tactics, Techniques and Procedures (TTPs) employed by the threat actors, how victims can respond to such incidents, and recommended measures to mitigate the threat posed.
Joint Advisory On Ransom Incidents Involving Network Attached Storage (NAS) Systems
Critical Vulnerability in WordPress LayerSlider Plugin
LayerSlider has released updates to address a critical vulnerability (CVE-2024-2879) affecting their LayerSlider plugin for WordPress. The vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10.
Critical Vulnerability in WordPress LayerSlider Plugin
Security Bulletin 03 Apr 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 03 Apr 2024
Multiple High Severity Vulnerabilities in Cisco IOS and IOS XE Software
Cisco has released updates addressing multiple high severity vulnerabilities (CVE-2024-20311, CVE-2024-20314, CVE-2024-20307, CVE-2024-20308, CVE-2024-20259, CVE-2024-20303) affecting their IOS and IOS XE Software.
Multiple High Severity Vulnerabilities in Cisco IOS and IOS XE Software
Critical Vulnerability in XZ Utils
Security researchers have disclosed a critical vulnerability in XZ Utils used in Linux distributions. Users and administrators are advised to downgrade to XZ versions 5.4.x or disable SSH services immediately.
Critical Vulnerability in XZ Utils
Vulnerability Affecting User Datagram Protocol Implementations
Security researchers have disclosed a vulnerability (CVE-2024-2169) affecting implementations of User Datagram Protocol (UDP).
Vulnerability Affecting User Datagram Protocol Implementations
Ongoing Malware Campaign Targeting WordPress Websites
There are reports of an ongoing malware campaign, Sign1, targeting WordPress sites. The campaign entails attackers gaining access to WordPress websites through brute force attacks and exploiting vulnerabilities in their plugins.
Ongoing Malware Campaign Targeting WordPress Websites
Security Bulletin 27 Mar 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 27 Mar 2024
Active Exploitation of Critical Vulnerability in JetBrains TeamCity On-Premises
JetBrains has released updates addressing a critical vulnerability (CVE-2024-27198) affecting JetBrains TeamCity On-Premises.
Active Exploitation of Critical Vulnerability in JetBrains TeamCity On-Premises
Advisory on Detecting and Responding to Deepfake Scams
Artificial Intelligence (AI) is being used to produce increasingly convincing deepfakes that are indistinguishable even to the trained eye.
Advisory on Detecting and Responding to Deepfake Scams
Critical Vulnerabilities in Unitronics Products
Unitronics has released security updates to address critical vulnerabilities in their Unistream Unilogic software. Users and administrators of affected product versions are advised to update to the latest versions immediately.
Critical Vulnerabilities in Unitronics Products
Security Bulletin 20 Mar 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 20 Mar 2024
Critical Vulnerability in QNAP Products
QNAP has released security updates to address a critical vulnerability (CVE-2024-21899) affecting their QTS, QuTS hero, QuTScloud, and myQNAPcloud products. The vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10.
Critical Vulnerability in QNAP Products