Advisories

Information on high-impact cybersecurity activity affecting Singapore

Filter By:
Joint Threat Advisory on GhostR
The Cyber Security Agency of Singapore (CSA), the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) have received several reports from organisations affected by the cyber threat actor GhostR in the last three months. This advisory provides information on observed Tactics, Techniques and Procedures (TTPs) employed by GhostR to compromise their victims’ networks and recommends measures for organisations to mitigate the threats.
Joint Threat Advisory on GhostR
Advisory on Extortion Emails
In August 2024, at least 33 reports of extortion emails were made to SingCERT from individuals and organisations.
Advisory on Extortion Emails
Best Practices for Event Logging and Threat Detection
The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has published an advisory on "Best Practices for Event Logging and Threat Detection" in cooperation with 14 other international partners from 8 countries including the Cyber Security Agency of Singapore (CSA).
Best Practices for Event Logging and Threat Detection
How Individuals and Organisations Can Ensure Data Resilience
In an increasingly digitalised world, ensuring data resilience has become increasingly important.
How Individuals and Organisations Can Ensure Data Resilience
Building Digital Resilience for Organisations
In light of the July 2024 global IT outage affecting Crowdstrike software which disrupted a wide array of digital services worldwide, it is critical for businesses to bolster their digital resilience and minimise disruptions to our citizens.
Building Digital Resilience for Organisations
Joint Technical Advisory on Akira
CSA, the Singapore Police Force (SPF) and the Personal Data Protection Commission (PDPC) have jointly issued an advisory on Akira ransomware. It highlights the observed Tactics, Techniques and Procedures (TTPs) employed by Akira threat group to compromise their victims’ networks and provides some recommended measures for organisations to mitigate the threat posed.
Joint Technical Advisory on Akira
Protecting Your IoT Devices
Internet of Things (IoT) devices are transforming the way we live and interact with the world around us. However, with the proliferation of IoT, it also makes them convenient and attractive targets for threat actors. As such,it is crucial to secure IoT devices to safeguard sensitive data, maintain personal privacy, and prevent compromise.
Protecting Your IoT Devices
Using Personal VPN Services Safely
A Virtual Private Network (VPN) is a technology that allows the user to establish a secure and protected network connection over the Internet, ensuring the confidentiality and integrity of the data being transmitted.
Using Personal VPN Services Safely
Defending Against Cyber Threats Leveraging Microsoft Graph API
There has been a rising number of reports involving cybercriminals leveraging Microsoft Graph Application Programming Interface (API) to communicate with and host their command-and-control (C2) infrastructure on Microsoft cloud services.
Defending Against Cyber Threats Leveraging Microsoft Graph API
Protect Your Organisation Against Malware Threats Spread Through USB Devices
USB drives are small, portable, and readily available storage devices. These characteristics bring great convenience for data transfer and device connectivity. However, USB drives also harbour the potential to introduce malicious software into an organisation's systems.
Protect Your Organisation Against Malware Threats Spread Through USB Devices
How Organisations Can Secure Their Network Attached Storage (NAS) Systems
There have been increasing instances of attackers targeting organisations' Network Attached Storage (NAS) systems. Upon gaining access, the attackers will either encrypt the files within the network by injecting malware into the compromised network, or delete data stored on the NAS system before leaving a ransom note in the system. Therefore, securing your NAS systems is crucial as it safeguards sensitive data from unauthorised access, ensuring confidentiality and integrity.
How Organisations Can Secure Their Network Attached Storage (NAS) Systems
Joint Advisory On Ransom Incidents Involving Network Attached Storage (NAS) Systems
The Singapore Police Force (SPF), Personal Data Protection Commission (PDPC) and CSA have issued a joint advisory on ransom incidents involving Network Attached Storage (NAS) systems, detailing the Tactics, Techniques and Procedures (TTPs) employed by the threat actors, how victims can respond to such incidents, and recommended measures to mitigate the threat posed.
Joint Advisory On Ransom Incidents Involving Network Attached Storage (NAS) Systems
Advisory on Detecting and Responding to Deepfake Scams
Artificial Intelligence (AI) is being used to produce increasingly convincing deepfakes that are indistinguishable even to the trained eye.
Advisory on Detecting and Responding to Deepfake Scams
Joint Advisory On Protecting Yourself From Compromised PayPal Accounts
The Singapore Police Force (SPF) and CSA have issued a joint advisory on cases involving PayPal accounts being compromised by cyber criminals. Members of the public are advised to adopt precautionary measures to protect themselves.
Joint Advisory On Protecting Yourself From Compromised PayPal Accounts
Importance of Cybersecurity Risk Management for Organisations
In the era of rapid digitalisation and increased connectivity, it is crucial that organisations with online presence are aware of the corresponding cybersecurity risks that arise from such presence and work to manage them through effective cybersecurity risk management.
Importance of Cybersecurity Risk Management for Organisations
Immediate Actions to Protect Against Multiple Zero-day Vulnerabilities in Ivanti Products
Ivanti has flagged multiple zero-day vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure and Ivanti Neurons for Zero Trust Access (ZTA) gateways. There are reports that the vulnerabilities are actively exploited by threat actors.
Immediate Actions to Protect Against Multiple Zero-day Vulnerabilities in Ivanti Products
Joint Advisory on Protecting Yourself From Crypto Drainers
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to raise awareness on the use of crypto drainers to facilitate cryptocurrency theft affecting owners of cryptocurrency wallets.
Joint Advisory on Protecting Yourself From Crypto Drainers
Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to advise the public to stay vigilant against such festive-themed malware scams and how individuals can protect themselves.
Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season
Common Cybersecurity Misconfigurations in Networks
Threat actors often target common cybersecurity misconfigurations in the networks of large organisations to gain unauthorised access, move laterally within the network and carry out various forms of cyberattacks. Addressing these common misconfigurations through proactive security measures, regular assessments, and ongoing monitoring is essential for improving network security in large organisations.
Common Cybersecurity Misconfigurations in Networks
SQL Injection Attacks Affecting Singapore Websites
Amidst global reports of ongoing website defacement campaigns, SingCERT has observed Structured Query Language (SQL) injection attacks against a few websites belonging to local organisations, which have led to unauthorised access, website defacement, and/or compromise of sensitive customer or organisational data. Organisations that maintain an online presence must remain vigilant against potential cyber-attacks on their websites.
SQL Injection Attacks Affecting Singapore Websites

Report a Cybersecurity Incident

SingCERT encourages the reporting of cybersecurity incidents as it enables us to better understand the scope and nature of cyber incidents in Singapore. This will enable us to issue alerts or advisories on relevant threats, and assist a broader range of individuals and organisations.
Report Incident