Advisories & Alerts

  • [SingCERT] Oracle Critical Patch Update April 2019 for Administrators 18 April 2019

    Oracle has released a critical patch update containing 297 new security patches to address vulnerabilities found in its products.

    As many as 53 of the 297 patches fix vulnerabilities rated critical, with a Common Vulnerability Scoring System (CVSS) score higher than 9. The majority of these critical vulnerabilities are remotely exploitable without authentication and can allow an attacker to gain unauthorised access to the affected system and its connected networks.

  • [SingCERT] Remote Code Execution Vulnerability (CVE-2019-0232) in Apache Tomcat 12 April 2019

    A remote code execution (RCE) vulnerability (CVE-2019-0232) was found in Apache Tomcat, an open source Java web application server. When Tomcat runs on the Windows Operating System (OS) with the “enableCmdLineArguments” option enabled, its Common Gateway Interface (CGI) Servlet is vulnerable to RCE due to a flaw in how the Java Runtime Environment (JRE) passes command line arguments to the underlying OS.

  • [SingCERT] Microsoft April 2019 Patch Tuesday 10 April 2019

    Microsoft has announced the release of over 74 security patches to address vulnerabilities affecting its operating system and products.

  • [SingCERT] Alert on Privilege Escalation Vulnerability (CVE-2019-0211) affecting Apache Web Server 04 April 2019

    A security researcher has discovered a critical privilege escalation vulnerability (CVE-2019-0211) affecting the Apache web server when it uses the worker or prefork Multi-Processing Module (MPM).

  • [SingCERT] Alert on Critical Remote Code Execution Vulnerabilities (CVE-2019-2027 and CVE-2019-2028) in Android Devices 03 April 2019

    Google has released the April 2019 Android security update to address multiple security vulnerabilities in the Android Open Source Project (AOSP).

    The two most critical vulnerabilities (CVE-2019-2027 and CVE-2019-2028) affect the Google Media framework, which handles media content and the Application Programming Interfaces that interact with the device’s multimedia hardware. The vulnerabilities could allow a remote attacker to use a specially crafted malicious file to perform remote code execution with elevated privileges on targeted devices.

  • [SingCERT] Alert on Multiple Critical Vulnerabilities in VMware Products 31 March 2019

    VMware has released an update to address multiple critical vulnerabilities in the VMware vCloud Director for Service Providers, VMware vSphere ESXi, VMware Workstation Pro / Player, and VMware Fusion Pro / Fusion.

  • [SingCERT] Alert on Critical SQL Injection Vulnerability in Magento software 30 March 2019

    The developers of Magento, an open-source e-commerce platform, were alerted to reports of active cyber attacks on online stores running the platform.

    The ongoing attacks exploit a critical SQL Injection (SQLi) vulnerability uncovered in Magento’s e-commerce platform. Affected websites face significant risk from attacks which could lead to data breaches with no authentication required.

    Magento has released a new version to patch the flaw.

  • [SingCERT] Alert on Microsoft Windows 7 End-of-Life 22 March 2019

    From 14 January 2020, Microsoft will no longer provide technical support, software and security updates for computers running Windows 7.

  • [SingCERT] Alert on Credential Stuffing and Password Spraying Attacks 21 March 2019

    SingCERT observed an uptick in account compromises arising from successful ‘credential stuffing’ and ‘password spraying’ attacks.

    Credential stuffing is a type of cyber-attack that leverages leaked or stolen credentials obtained from past data breaches to ‘stuff’ into the login pages of online services. It takes advantage of end users who use the same username and password combination across different online accounts.

    Password spraying is a type of cyber-attack where attackers attempt a few of the most common passwords against many user accounts. This method allows attackers to identify accounts that use common passwords and is often effective at circumventing lockout mechanisms that trigger after a set number of failed login attempts on a single account.

  • [SingCERT] Alert on Cross-Site Request Forgery (CSRF) to Remote Code Execution Exploitation in WordPress 16 March 2019

    Security researchers at RIPS Technologies have uncovered a critical vulnerability in WordPress.

    An attacker can take over a WordPress site that has comments enabled by tricking its Administrator into visiting a malicious website embedded with a cross-site request forgery (CSRF) exploit. The exploit will run in the background and can allow the attacker to gain remote code execution leading to a full site take-over.