Advisories & Alerts

  • [SingCERT] Alert on Intel Active Management Technology (AMT) Issue 13 January 2018

    On 12 January 2018, security firm F-Secure reported an insecure default behaviour within Intel Active Management Technology (AMT) that could allow an attacker to bypass login processes and take control of a user's computer.

  • [SingCERT] Advisory on Important Microsoft vulnerabilities affecting Office, .NET Framework and ASP.NET Core 12 January 2018

    On 9 January 2018, Microsoft announced the release of several security patches to fix vulnerabilities affecting Microsoft Office, the .NET Framework, and ASP.NET Core, amongst others.

  • [SingCERT] Advisory On Critical Zero-day Vulnerabilities Within Dell EMC Data Protection Suite 09 January 2018

    On 5 January 2018, a group of security researchers published the discovery of a set of critical zero-day vulnerabilities within the Dell EMC Data Protection Suite Family products, which authorises attackers to fully compromise systems. The Dell EMC Data Protection Suite is a product set for enterprises to protect data and critical applications.

  • [SingCERT] Alert on Western Digital NAS Drive Vulnerabilities 09 January 2018

    Western Digital's My Cloud (WDMyCloud) is a popular Network-Attached Storage (NAS) drive used by individuals and businesses to host files, automatically backup and sync with various cloud and web-based services. The drive lets users not only share files in a home network, but the private cloud feature also allows them to access their data from anywhere at any time.

  • [SingCERT] Alert on Digital Currency Mining Malware 08 January 2018

    SingCERT has observed an increase in cases where attackers used malicious malware to remotely harness computing power to mine for digital currency, which may cause damage to users’ hardware or slow down their computing performance. The attackers exploit vulnerable systems to hijack personal computers, Android devices, servers, and Content Management Systems (CMS) with weak passwords, and use them for digital currency mining.

  • [SingCERT] Alert on Security Flaws Found in Central Processing Units (CPUs) 04 January 2018

    On 3 January 2018, a group of security researchers published the discovery of two vulnerabilities dubbed “Meltdown” and “Spectre” affecting desktop computers, smartphones, tablets and cloud services. The vulnerabilities enable attackers to steal any data processed by the computer.

  • [SingCERT] Tips to Stay Safe Online in 2018 29 December 2017

    In 2017, major cyber incidents such as the WannaCry ransomware attack, Equifax hack, Uber data breach and multiple phishing scams were found to have affected millions of people worldwide. Singapore has also experienced its fair share of cyber incidents such as local data breaches and various phishing scams involving fake Government websites which have resulted in victims incurring monetary losses and their personal data compromised. To avoid falling prey to cyber criminals, practising good cyber hygiene will help safeguard our devices and information.

  • [SingCERT] Alert on Digital Currency Mining Campaign "ZEALOT" 19 December 2017

    On 15 December 2017, security researchers detected a malicious cyber campaign, known as “Zealot”, that hijacks the computing power of compromised Internet-facing servers to mine for "Monero", a type of digital currency.

  • [SingCERT] Alert on the Return Of Bleichenbacher's Oracle Threat (ROBOT) Attack 14 December 2017

    On 12 December 2017, a group of security researchers published findings that indicated that Transport Layer Security (TLS) implementation using RSA ciphers are vulnerable and may lead to information disclosure risk. TLS is a widely used internet security protocol that provides data privacy and integrity between two communicating applications (i.e. browser and Internet Banking website).

    This happens when applications with TLS implementation using RSA ciphers are subjected to adaptive-chosen-ciphertext attack. An attacker could send multiple selective ciphertexts to a victim for decryption. The results are then recorded and used to select subsequent ciphertexts, which will help to derive the TLS session keys. This vulnerability is named Return Of Bleichenbacher's Oracle Threat (ROBOT) Attack after Daniel Bleichenbacher who was the first person to discover this class of cryptosystem vulnerability 19 years ago (1998).

  • [SingCERT] Alert on HP Notebook Keylogger 12 December 2017

    A keylogger*-type feature was found in the Synaptics touchpad driver installed in several HP notebook models. Although this feature is disabled by default, an attacker with local administrative rights could still obtain the keystrokes by modifying the system to enable the keylogger feature on an affected notebook.

    *A keylogger is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer’s keyboard.