Advisories

Information on high-impact cybersecurity activity affecting Singapore

Filter By:
Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to advise the public to stay vigilant against such festive-themed malware scams and how individuals can protect themselves.
Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season
Common Cybersecurity Misconfigurations in Networks
Threat actors often target common cybersecurity misconfigurations in the networks of large organisations to gain unauthorised access, move laterally within the network and carry out various forms of cyberattacks. Addressing these common misconfigurations through proactive security measures, regular assessments, and ongoing monitoring is essential for improving network security in large organisations.
Common Cybersecurity Misconfigurations in Networks
SQL Injection Attacks Affecting Singapore Websites
Amidst global reports of ongoing website defacement campaigns, SingCERT has observed Structured Query Language (SQL) injection attacks against a few websites belonging to local organisations, which have led to unauthorised access, website defacement, and/or compromise of sensitive customer or organisational data. Organisations that maintain an online presence must remain vigilant against potential cyber-attacks on their websites.
SQL Injection Attacks Affecting Singapore Websites
How Organisations and Their Employees can Ensure Data and Device Security
As cyber threats evolve, it is important to remain vigilant and ensure the highest level of effective data and device security is not only a necessity but also a strategic asset for any organisation. Organisations are encouraged to take proactive measures to mitigate risks and safeguard their information assets.
How Organisations and Their Employees can Ensure Data and Device Security
Enhancing Your Cybersecurity Posture Amidst Developments in Israel-Hamas Conflict
Global concerns about cyber threats have arisen due to the recents Israel-Hamas conflict, with threat actors leveraging the situation to propagate disinformation and launch cyber-attacks, such as phishing, distributed denial-of-service (DDoS) and ransomware attack.
Enhancing Your Cybersecurity Posture Amidst Developments in Israel-Hamas Conflict
Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software
The Cybersecurity and Infrastructure Security Agency (CISA), along with 17 U.S. and international partners, published an update to “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software” that includes further detail on key principles, guidance. The updated guide is co-sealed by eight additional international cybersecurity agencies, including CSA.
Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software
Defending Against Lumma Information Stealer Malware
Lumma Information Stealer is a type of malware designed to steal sensitive information from compromised devices. The malware primarily targets cryptocurrency wallets and browser extensions to steal sensitive information such as cryptocurrency wallet data, browser cookies, connection history, credit card information and two-factor authentication (2FA) information.
Defending Against Lumma Information Stealer Malware
Advisory On Securing Your Routers
A router is a networking tool that connects the devices in your local network to the internet. It serves as a gateway for traffic between different devices and networks in a corporate environment. It is thus important to secure your routers as they are the first line of defence between your local network and external cyber threats.
Advisory On Securing Your Routers
Joint Advisory On Social Media Impersonation Scams Involving Telegram
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) would like to alert members of the public to a social media impersonation scam variant involving the messaging app, Telegram.
Joint Advisory On Social Media Impersonation Scams Involving Telegram
Advisory on Cybersecurity during Elections for Voters
With the widespread adoption of digital usage, election candidates have started conducting campaign activities online to expand their reach to the voters. However, this provides cyber threat actors with more opportunities to conduct cyber-attacks through election lures to trick unsuspecting victims.
Advisory on Cybersecurity during Elections for Voters
How Organisations and Their Employees Can Stay Ahead of Cybersecurity Threats
As organisations continue to rely heavily on technology and digital infrastructure, cybersecurity has become increasingly important. Organisations are encouraged to take proactive measures to safeguard against any cybersecurity threats.
How Organisations and Their Employees Can Stay Ahead of Cybersecurity Threats
Joint Advisory on Malware Scams Affecting Android Users
The Singapore Police Force (SPF) and Cyber Security Agency of Singapore (CSA) have issued a joint advisory to raise awareness about the increasing prevalence of malware scams affecting Android users.
Joint Advisory on Malware Scams Affecting Android Users
Joint Advisory on the Importance of Reviewing Permissions for Applications in Android Devices
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) would like to remind the public on the importance of reviewing permissions for applications in Android devices.
Joint Advisory on the Importance of Reviewing Permissions for Applications in Android Devices
Joint Advisory on Protecting Yourself from Malicious QR Codes
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) would like to remind the public of the dangers of malicious Quick Response (QR) codes and the measures individuals can take to protect themselves.
Joint Advisory on Protecting Yourself from Malicious QR Codes
Joint Technical Advisory on LockBit 3.0
This joint advisory is the result of a collaborative effort between the Cyber Security Agency of Singapore (CSA), the Personal Data Protection Commission (PDPC) and the Singapore Police Force (SPF). It highlights the observed Tactics, Techniques and Procedures (TTPs) employed by LockBit to compromise their victims’ networks and provides some recommended measures for organisations to mitigate the threat posed.
Joint Technical Advisory on LockBit 3.0
Joint Advisory on Protecting Mobile Devices from Malicious Wireless and Wired Connections
The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to highlight the possible means by which mobile devices and the data within can be compromised through malicious wireless and wired connections, and the preventive measures which can be implemented to mitigate such threats.
Joint Advisory on Protecting Mobile Devices from Malicious Wireless and Wired Connections
Cybersecurity Advisory for Online Content Creators
This advisory highlights cyber threats that online content creators may face, and provides guidance on how they can protect themselves.
Cybersecurity Advisory for Online Content Creators
Importance of Using Secure Multi-Factor Authentication Methods
As cyber-attacks become more prevalent and sophisticated, relying solely on passwords to secure users’ online accounts may no longer be sufficient.
Importance of Using Secure Multi-Factor Authentication Methods
Joint Advisory on Tech Support Scams
The Singapore Police Force (SPF) and CSA have issued a joint advisory to alert members of the public to a recurring tech support scam modus operandi, and what individuals can do to protect themselves against such scams.
Joint Advisory on Tech Support Scams
Technical Advisory on Secure API Development
As the gateway to data and systems, Application Programming Interfaces (APIs) pose an ongoing security concern. Here’s why and what you can do to make your API more secure.
Technical Advisory on Secure API Development

Report a Cybersecurity Incident

SingCERT encourages the reporting of cybersecurity incidents as it enables us to better understand the scope and nature of cyber incidents in Singapore. This will enable us to issue alerts or advisories on relevant threats, and assist a broader range of individuals and organisations.
Report Incident