Advisories & Alerts

  • [SingCERT] Adobe Flash Zero Day Vulnerability 14 October 2015

    Trend Micro has reported that researchers have discovered a new Adobe Flash Player zero-day vulnerability. Currently, no patch is available.

  • [SingCERT] Business Email Frauds 09 October 2015

    Several businesses have been tricked into transferring substantial amounts of money to fraudulent bank accounts, resulting in financial loss.

  • [SingCERT] August 2015 Internet Explorer Out-of-Band Security Patch 19 August 2015

    Microsoft has released an out-of-band security update for Internet Explorer. The update addresses a critical vulnerability in Internet Explorer (CVE-2015-2502) that could potentially allow an attacker to execute arbitrary code on affected systems.

  • [SingCERT] Stagefright Vulnerability on Android OS 29 July 2015

    Researchers at Zimperium discovered a major vulnerability (named Stagefright) in Android operating system.
    A malicious media file can be specially crafted and delivered to a user’s mobile phone via MMS (Multimedia Messaging System) to download and execute malicious codes without requiring any user interaction. Users with devices using Android OS 2.2 and above are vulnerable.

  • [SingCERT] Phishing Emails about GeBIZ and SingNet 22 July 2015

    Phishing emails purported to be from are being sent to users.

  • [SingCERT] SingPass Lookalike Domain 11 July 2015

    IDA has alerted the public of a suspicious website which is spelt similarly to the official SingPass website. There are also login fields on the website.

  • [SingCERT] SingPass Phishing Alert 25 June 2015

    There have been several reports of phishing emails requesting users to verify their SingPass accounts.

  • [SingCERT] June 2015 Out-of-Band Security Updates for Adobe Flash Player 24 June 2015

    Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected systems. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP are known targets.

  • [SingCERT] Security Flaws in Apple OS X and iOS 23 June 2015

    Six university researchers have revealed four vulnerabilities affecting Apple OS X and iOS. These vulnerabilities could allow attackers to steal passwords and other credentials if successfully exploited.

  • [SingCERT] Samsung Galaxy Devices MITM Vulnerability 19 June 2015

    A vulnerability has been reported in the update mechanism of Samsung keyboards in various Samsung Galaxy devices. Samsung keyboards are powered by SwiftKey through SwiftKey SDK and SwiftKey periodically checks for language packs updates over HTTP. As the HTTP requests are not encrypted, it is susceptible to man-in-the-middle (MITM) attacks. Additionally, the Samsung keyboards are operating with system privileges, which may allow an attacker to write arbitrary data to the vulnerable devices.