Advisories & Alerts

  • [SingCERT] SingPass Lookalike Domain 11 July 2015

    IDA has alerted the public of a suspicious website which is spelt similarly to the official SingPass website. There are also login fields on the website.

  • [SingCERT] SingPass Phishing Alert 25 June 2015

    There have been several reports of phishing emails requesting users to verify their SingPass accounts.

  • [SingCERT] June 2015 Out-of-Band Security Updates for Adobe Flash Player 24 June 2015

    Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected systems. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP are known targets.

  • [SingCERT] Security Flaws in Apple OS X and iOS 23 June 2015

    Six university researchers have revealed four vulnerabilities affecting Apple OS X and iOS. These vulnerabilities could allow attackers to steal passwords and other credentials if successfully exploited.

  • [SingCERT] Samsung Galaxy Devices MITM Vulnerability 19 June 2015

    A vulnerability has been reported in the update mechanism of Samsung keyboards in various Samsung Galaxy devices. Samsung keyboards are powered by SwiftKey through SwiftKey SDK and SwiftKey periodically checks for language packs updates over HTTP. As the HTTP requests are not encrypted, it is susceptible to man-in-the-middle (MITM) attacks. Additionally, the Samsung keyboards are operating with system privileges, which may allow an attacker to write arbitrary data to the vulnerable devices.

  • [SingCERT] Dyre Malware 17 April 2015

    Variants of Dyre (Dyreza) malware have been observed to be targeting the retail and banking customers. The malware spreads itself through phishing emails that contain malicious attachments.

  • [SingCERT] Adobe Flash Player Security Updates for April 2015 16 April 2015

    Adobe has released security updates for Adobe Flash Player and earlier versions for Windows and Macintosh and Adobe Flash Player and earlier versions for Linux.

  • [SingCERT] Microsoft Security Bulletin Summary for April 2015 16 April 2015

    Microsoft has released 11 bulletins this month that need to be patched to address vulnerabilities in Microsoft Windows, Microsoft Server Software and Internet Explorer.

  • [SingCERT] WordPress RevSlider Plugin Vulnerability 30 March 2015

    A vulnerable WordPress plugin (RevSlider) may be used to compromise websites to embed iframes and exploit kits, and websites may also be defaced.