Advisories

Joint Advisory on Technical Support Scams Involving the Impersonation of Microsoft

The Singapore Police Force (SPF) and the Cyber Security Agency of Singapore (CSA) would like to alert members of the public to remain vigilant against technical support scams involving impersonation of Microsoft.

Advisory

Advisory on Cybersecurity Risks of OpenClaw

Autonomous AI agents, such as OpenClaw, offer real productivity benefits but introduce serious cybersecurity risks. This advisory draws attention to IMDA's Case Study on the Responsible Deployment of OpenClaw, and highlights the key cybersecurity risks.

Advisory

Advisory on Risks associated with Frontier AI Models

Frontier Artificial Intelligence (AI) models are the most recent advanced AI models available. These frontier AI models can reportedly reduce the time taken to identify vulnerabilities and engineer exploits cutting short the duration from months to hours, but this capability could also be misused by cyber threat actors. This advisory outlines how organisations can plan ahead and strengthen their cybersecurity posture to guard against such risks.

Advisory

Advisory on Securing the Software Supply Chain and Development Workflows

Threat actors are increasingly targeting the software supply chain. A single compromised external tool can grant attackers deep access to internal systems, leading to data theft, operational downtime, and severe reputational damage. Organisations are strongly encouraged to enforce strict governance over their internal development environments.

Advisory

Protecting Your Website From Cyber-Attacks

Advisory

Advisory on Axios Supply Chain Attack via Compromised npm Account

A critical software supply chain compromise has been identified affecting the widely used JavaScript HTTP client Axios. Organisations using affected versions of the product are advised to assess their systems and networks for potential compromise.

Advisory

Ongoing 'TeamPCP' Supply-Chain Campaign

Security researchers have identified an ongoing supply-chain campaign compromising open-source projects to distribute malware. Organisations using affected components of such projects are advised to assess their environments for potential compromise.

Advisory

Joint Advisory On Safeguarding Against The Dangers Of Streaming Devices

CSA and Singapore Police Force have jointly issued an advisory to inform members of the public to be vigilant against the dangers of streaming devices commonly known as Android TV boxes.

Advisory

Advisory on New Endpoint Detection and Response (EDR) Killer Tool Used by Multiple Ransomware Groups

There have been reports of a new malicious tool, known as Endpoint Detection and Response (EDR) killer, being actively used by at least eight ransomware groups to disable EDR solutions.

Advisory

Defending Against Scams Targeting National Day Celebrations

With the ongoing celebrations in commemoration of SG60, there may be an increase in scams. Individuals are advised to stay vigilant during this period and take proactive measures to enhance your online defences from such scams.

Advisory