Advisories & Alerts

  • [SingCERT] Alert: Fake MOM Websites Found 24 November 2015

    Numerous fake MOM (Ministry of Manpower) websites have been reported. The official MOM corporate website has been duplicated to lead people into believing that they are on the official MOM website. MOM is working to bring down these websites.

  • [SingCERT] Defacement of .sg Websites 18 November 2015

    Recently, many .sg websites have been defaced. All of the websites are hosted on Windows 2000 Server and Windows Server 2003.

    Initial investigations suggest that unpatched WebDAV vulnerability may be the cause of defacement.

  • [SingCERT] Adobe Flash Zero Day Vulnerability 14 October 2015

    Trend Micro has reported that researchers have discovered a new Adobe Flash Player zero-day vulnerability. Currently, no patch is available.

  • [SingCERT] Business Email Frauds 09 October 2015

    Several businesses have been tricked into transferring substantial amounts of money to fraudulent bank accounts, resulting in financial loss.

  • [SingCERT] August 2015 Internet Explorer Out-of-Band Security Patch 19 August 2015

    Microsoft has released an out-of-band security update for Internet Explorer. The update addresses a critical vulnerability in Internet Explorer (CVE-2015-2502) that could potentially allow an attacker to execute arbitrary code on affected systems.

  • [SingCERT] Stagefright Vulnerability on Android OS 29 July 2015

    Researchers at Zimperium discovered a major vulnerability (named Stagefright) in Android operating system.
    A malicious media file can be specially crafted and delivered to a user’s mobile phone via MMS (Multimedia Messaging System) to download and execute malicious codes without requiring any user interaction. Users with devices using Android OS 2.2 and above are vulnerable.

  • [SingCERT] Phishing Emails about GeBIZ and SingNet 22 July 2015

    Phishing emails purported to be from support@gebiz.gov.sg are being sent to users.

  • [SingCERT] SingPass Lookalike Domain 11 July 2015

    IDA has alerted the public of a suspicious website which is spelt similarly to the official SingPass website. There are also login fields on the website.

  • [SingCERT] SingPass Phishing Alert 25 June 2015

    There have been several reports of phishing emails requesting users to verify their SingPass accounts.

  • [SingCERT] June 2015 Out-of-Band Security Updates for Adobe Flash Player 24 June 2015

    Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address a critical vulnerability (CVE-2015-3113) that could potentially allow an attacker to take control of the affected systems. Systems running Internet Explorer for Windows 7 and below, as well as Firefox on Windows XP are known targets.