Advisories & Alerts

  • [SingCERT] Updated Advisory on Ransomware 13 October 2018

    Ransomware is a prevalent cyber threat to businesses and individuals. This advisory provides updated information on ransomware and additional measures organisations, businesses and members of public can take to prevent and recover from this threat.

    Ransomware is a type of malware that holds a victim’s files, computer system or mobile device ransom, restricting access until a ransom is paid. Some ransomware variants are also known to traverse across the network and encrypt all files stored in shared and/or network drives. By encrypting these files with a strong encryption, these files are rendered irrecoverable unless a decryption key is obtained.

  • [SingCERT] Alert on 12 Critical Microsoft Vulnerabilities for October 2018 Patch Tuesday 11 October 2018

    Microsoft has announced the release of over 50 security patches to address vulnerabilities affecting its operating system and other products. Twelve vulnerabilities were identified as critical and required immediate attention.

    Successful exploitation of these 12 critical vulnerabilities could allow remote code execution by attackers

  • [SingCERT] Alert on 47 Critical Vulnerabilities in Adobe Acrobat and Adobe Reader 03 October 2018

    Adobe has released security updates to address 86 vulnerabilities for both the Mac and Windows versions of Adobe Acrobat and Adobe Reader, of which 47 are classified as “critical”.

    Of the 47 “critical” vulnerabilities, 46 of them allow for remote code execution and one allows for the escalation of privileges.

  • [SingCERT] For Facebook Users: Alert on Facebook Security Breach 29 September 2018

    On 29 September 2018, Facebook published a security update regarding a breach that affected almost 50 million users.

    The attackers exploited a previously unknown vulnerability found on Facebook’s "View As" feature to gain unauthorised access to user accounts.

  • [SingCERT] Technical Advisory on DNSSEC Root Zone Key Signing Key Rollover 28 September 2018

    The Internet Corporation for Assigned Names and Numbers (ICANN) is planning to change the "top" pair of cryptographic keys used in the Domain Name System Security Extensions (DNSSEC) protocol, commonly known as the root zone Key Signing Key (KSK).

    Domain Name System (DNS) is a naming system for the Internet. It translates readable domain names (e.g. to information such as Internet Protocol (IP) addresses, and is an essential component of functionality on the Internet.

  • [SingCERT] Alert on 14 High-Severity Vulnerabilities in Cisco Products 28 September 2018

    Cisco has announced the release of several security updates to address vulnerabilities affecting its products.

    14 high-severity vulnerabilities were identified which require immediate attention.

  • [SingCERT] Alert on Microsoft JET Database Engine Vulnerabilities CVE-2018-8392 and CVE-2018-8393 24 September 2018

    Microsoft Joint Engine Technology (JET) Database Engine is the underlying component of a database on which several Microsoft products have been built. It was superseded by Microsoft Desktop Engine, and later by Structured Query Language (SQL) Server Express, but the JET Database Engine still resides within Windows operating systems.

    CVE-2018-8392 and CVE-2018-8393 Buffer Overflow Vulnerability
    Researchers from FortiGuard Labs and Zero Day Initiative discovered a buffer overflow vulnerability in the JET Database Engine, due to improper memory operations that are performed by the affected software. If successfully exploited, the vulnerability allows remote code execution on an affected system.

    Update: SingCERT was alerted to a new active phishing attack that leveraged these vulnerabilities. The attacker could exploit the vulnerabilities by means of a phishing email with an attachment, persuading email recipients to open or preview the attachment (usually an Excel file) that submits malicious input to the affected software.

  • [SingCERT] Alert on Critical Out-Of-Band Adobe Acrobat Vulnerability CVE-2018-12848 24 September 2018

    Adobe has released security updates for its Acrobat Reader and Document Cloud (DC) products to address several vulnerabilities.
    The most critical vulnerability, CVE-2018-12848, is an out-of-bounds write vulnerability with a severity rating of “critical” and could lead to arbitrary code execution.
    The other vulnerabilities (CVE-2018-12801, CVE-2018-12840, CVE-2018-12849, CVE-2018-12850, CVE-2018-12775, CVE-2018-12778), are out-of-bounds read vulnerabilities with severity ratings of “important”.

  • [SingCERT] Alert on Cisco Video Surveillance Manager Default Password Vulnerability CVE-2018-15427 24 September 2018

    Cisco Video Surveillance Manager (VSM) is a software that allows operations managers and system integrators to build customised video surveillance networks.

    Cisco has released a security patch to address a critical vulnerability found in its Cisco VSM software. This is an undocumented default system administrator account called “root”, which had an unremoved default password. A remote attacker could exploit this to gain unauthorised access into an affected system.

    This critical vulnerability has been assigned as CVE-2018-15427 with a Common Vulnerability Score System (CVSS) severity base score of 9.8 out of 10.

  • [SingCERT] Alert on Critical Microsoft Vulnerabilities CVE-2018-8440, CVE-2018-8475, CVE-2018-0965, CVE-2018-8439 & CVE-2018-8449 13 September 2018

    Microsoft has announced the release of 61 security patches to address vulnerabilities affecting its operating system and other products. 17 vulnerabilities were identified as critical and require immediate attention.