Advisories

How Organisations Can Secure Their Network Attached Storage (NAS) Systems

There have been increasing instances of attackers targeting organisations' Network Attached Storage (NAS) systems. Upon gaining access, the attackers will either encrypt the files within the network by injecting malware into the compromised network, or delete data stored on the NAS system before leaving a ransom note in the system. Therefore, securing your NAS systems is crucial as it safeguards sensitive data from unauthorised access, ensuring confidentiality and integrity.

Joint Advisory On Ransom Incidents Involving Network Attached Storage (NAS) Systems

The Singapore Police Force (SPF), Personal Data Protection Commission (PDPC) and CSA have issued a joint advisory on ransom incidents involving Network Attached Storage (NAS) systems, detailing the Tactics, Techniques and Procedures (TTPs) employed by the threat actors, how victims can respond to such incidents, and recommended measures to mitigate the threat posed.

Advisory on Detecting and Responding to Deepfake Scams

Artificial Intelligence (AI) is being used to produce increasingly convincing deepfakes that are indistinguishable even to the trained eye.

Joint Advisory On Protecting Yourself From Compromised PayPal Accounts

The Singapore Police Force (SPF) and CSA have issued a joint advisory on cases involving PayPal accounts being compromised by cyber criminals. Members of the public are advised to adopt precautionary measures to protect themselves.

Importance of Cybersecurity Risk Management for Organisations

In the era of rapid digitalisation and increased connectivity, it is crucial that organisations with online presence are aware of the corresponding cybersecurity risks that arise from such presence and work to manage them through effective cybersecurity risk management.

Immediate Actions to Protect Against Multiple Zero-day Vulnerabilities in Ivanti Products

Ivanti has flagged multiple zero-day vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure and Ivanti Neurons for Zero Trust Access (ZTA) gateways. There are reports that the vulnerabilities are actively exploited by threat actors.

Joint Advisory on Protecting Yourself From Crypto Drainers

The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to raise awareness on the use of crypto drainers to facilitate cryptocurrency theft affecting owners of cryptocurrency wallets.

Joint Advisory on Protecting Yourself against Malware Scams during the Festive Season

The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) have issued a joint advisory to advise the public to stay vigilant against such festive-themed malware scams and how individuals can protect themselves.

Common Cybersecurity Misconfigurations in Networks

Threat actors often target common cybersecurity misconfigurations in the networks of large organisations to gain unauthorised access, move laterally within the network and carry out various forms of cyberattacks. Addressing these common misconfigurations through proactive security measures, regular assessments, and ongoing monitoring is essential for improving network security in large organisations.

SQL Injection Attacks Affecting Singapore Websites

Amidst global reports of ongoing website defacement campaigns, SingCERT has observed Structured Query Language (SQL) injection attacks against a few websites belonging to local organisations, which have led to unauthorised access, website defacement, and/or compromise of sensitive customer or organisational data. Organisations that maintain an online presence must remain vigilant against potential cyber-attacks on their websites.

How Organisations and Their Employees can Ensure Data and Device Security

As cyber threats evolve, it is important to remain vigilant and ensure the highest level of effective data and device security is not only a necessity but also a strategic asset for any organisation. Organisations are encouraged to take proactive measures to mitigate risks and safeguard their information assets.

Enhancing Your Cybersecurity Posture Amidst Developments in Israel-Hamas Conflict

Global concerns about cyber threats have arisen due to the recents Israel-Hamas conflict, with threat actors leveraging the situation to propagate disinformation and launch cyber-attacks, such as phishing, distributed denial-of-service (DDoS) and ransomware attack.

Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software

The Cybersecurity and Infrastructure Security Agency (CISA), along with 17 U.S. and international partners, published an update to “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software” that includes further detail on key principles, guidance. The updated guide is co-sealed by eight additional international cybersecurity agencies, including CSA.

Defending Against Lumma Information Stealer Malware

Lumma Information Stealer is a type of malware designed to steal sensitive information from compromised devices. The malware primarily targets cryptocurrency wallets and browser extensions to steal sensitive information such as cryptocurrency wallet data, browser cookies, connection history, credit card information and two-factor authentication (2FA) information.

Advisory On Securing Your Routers

A router is a networking tool that connects the devices in your local network to the internet. It serves as a gateway for traffic between different devices and networks in a corporate environment. It is thus important to secure your routers as they are the first line of defence between your local network and external cyber threats.

Joint Advisory On Social Media Impersonation Scams Involving Telegram

The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) would like to alert members of the public to a social media impersonation scam variant involving the messaging app, Telegram.

Advisory on Cybersecurity during Elections for Voters

With the widespread adoption of digital usage, election candidates have started conducting campaign activities online to expand their reach to the voters. However, this provides cyber threat actors with more opportunities to conduct cyber-attacks through election lures to trick unsuspecting victims.

How Organisations and Their Employees Can Stay Ahead of Cybersecurity Threats

As organisations continue to rely heavily on technology and digital infrastructure, cybersecurity has become increasingly important. Organisations are encouraged to take proactive measures to safeguard against any cybersecurity threats.

Joint Advisory on Malware Scams Affecting Android Users

The Singapore Police Force (SPF) and Cyber Security Agency of Singapore (CSA) have issued a joint advisory to raise awareness about the increasing prevalence of malware scams affecting Android users.

Joint Advisory on the Importance of Reviewing Permissions for Applications in Android Devices

The Cyber Security Agency of Singapore (CSA) and the Singapore Police Force (SPF) would like to remind the public on the importance of reviewing permissions for applications in Android devices.