Advisories & Alerts

  • [SingCERT] Alert on Linksys E Series Routers Vulnerabilities (CVE-2018-3953, CVE-2018-3954, and CVE-2018-3955) 18 October 2018

    Linksys E Series is a line of routers designed for small businesses and home offices. The routers are designed to connect home computers, internet-ready TVs, game consoles, smartphones and other devices to the Wi-Fi network. Three vulnerabilities (CVE-2018-3953, CVE-2018-3954, and CVE-2018-3955) were discovered in the Linksys E Series line of routers. Successful exploitation of these vulnerabilities via specially crafted requests to the network configuration could allow attackers to perform arbitrary code execution.

  • [SingCERT] Alert on PHP 5.6 and 7.0 End-of-Life 16 October 2018

    Hypertext Preprocessor (PHP) is a programming language designed for use in web-based applications with Hypertext Markup Language (HTML) content. PHP supports a wide variety of platforms and is used by numerous web-based software applications such as WordPress.

    PHP versions 5.6 and 7.0 will no longer be supported from 31 December 2018 and 3 December 2018 onwards. The deadlines will not be extended and it is critical that PHP based websites are upgraded to ensure that security support is provided.

  • [SingCERT] Alert on Multiple Vulnerabilities in PHP 16 October 2018

    Hypertext Preprocessor (PHP) is a programming language designed for use in web-based applications with Hypertext Markup Language (HTML) content. PHP supports a wide variety of platforms and is used by numerous web-based software applications such as WordPress.

  • [SingCERT] Updated Advisory on Ransomware 13 October 2018

    Ransomware is a prevalent cyber threat to businesses and individuals. This advisory provides updated information on ransomware and additional measures organisations, businesses and members of public can take to prevent and recover from this threat.

    Ransomware is a type of malware that holds a victim’s files, computer system or mobile device ransom, restricting access until a ransom is paid. Some ransomware variants are also known to traverse across the network and encrypt all files stored in shared and/or network drives. By encrypting these files with a strong encryption, these files are rendered irrecoverable unless a decryption key is obtained.

  • [SingCERT] Alert on 12 Critical Microsoft Vulnerabilities for October 2018 Patch Tuesday 11 October 2018

    Microsoft has announced the release of over 50 security patches to address vulnerabilities affecting its operating system and other products. Twelve vulnerabilities were identified as critical and required immediate attention.

    Successful exploitation of these 12 critical vulnerabilities could allow remote code execution by attackers

  • [SingCERT] Alert on 47 Critical Vulnerabilities in Adobe Acrobat and Adobe Reader 03 October 2018

    Adobe has released security updates to address 86 vulnerabilities for both the Mac and Windows versions of Adobe Acrobat and Adobe Reader, of which 47 are classified as “critical”.

    Of the 47 “critical” vulnerabilities, 46 of them allow for remote code execution and one allows for the escalation of privileges.

  • [SingCERT] For Facebook Users: Alert on Facebook Security Breach 29 September 2018

    On 29 September 2018, Facebook published a security update regarding a breach that affected almost 50 million users.

    The attackers exploited a previously unknown vulnerability found on Facebook’s "View As" feature to gain unauthorised access to user accounts.

  • [SingCERT] Technical Advisory on DNSSEC Root Zone Key Signing Key Rollover 28 September 2018

    The Internet Corporation for Assigned Names and Numbers (ICANN) is planning to change the "top" pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol, commonly known as the root zone Key Signing Key (KSK).

    Domain Name System (DNS) is a naming system for the Internet. It translates readable domain names (e.g. icann.org) to information such as Internet Protocol (IP) addresses, and is an essential component of functionality on the Internet.

  • [SingCERT] Alert on 14 High-Severity Vulnerabilities in Cisco Products 28 September 2018

    Cisco has announced the release of several security updates to address vulnerabilities affecting its products.

    14 high-severity vulnerabilities were identified which require immediate attention.

  • [SingCERT] Alert on Microsoft JET Database Engine Vulnerabilities CVE-2018-8392 and CVE-2018-8393 24 September 2018

    Microsoft Joint Engine Technology (JET) Database Engine is the underlying component of a database on which several Microsoft products have been built. It was superseded by Microsoft Desktop Engine, and later by Structured Query Language (SQL) Server Express, but the JET Database Engine still resides within Windows operating systems.

    CVE-2018-8392 and CVE-2018-8393 Buffer Overflow Vulnerability
    Researchers from FortiGuard Labs and Zero Day Initiative discovered a buffer overflow vulnerability in the JET Database Engine, due to improper memory operations that are performed by the affected software. If successfully exploited, the vulnerability allows remote code execution on an affected system.

    Update: SingCERT was alerted to a new active phishing attack that leveraged these vulnerabilities. The attacker could exploit the vulnerabilities by means of a phishing email with an attachment, persuading email recipients to open or preview the attachment (usually an Excel file) that submits malicious input to the affected software.