Advisories & Alerts

  • [SingCERT] CryptoPHP 28 November 2014

    CryptoPHP is a malware that is embedded in pirated versions of Joomla, Drupal and WordPress themes and plugins. It integrates itself into the Content Management System (CMS) when the software is installed and uses encryption to communicate with the command and control (C&C) server to execute codes. It also compromises their web servers and forces it to perform illegal search engine optimization (blackhat SEO) which is the use of unethical techniques to boost the search ranking of a website or webpage

  • [SingCERT] Out-of-Band Security Updates for Adobe Flash Player 26 November 2014

    Adobe has released security updates for Adobe Flash Player 15.0.0.223 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.418 and earlier versions for Linux.

  • [SingCERT] Malicious SMS 24 November 2014

    SingCERT has received reports of individuals receiving an SMS message from their contacts.

  • [SingCERT] Unsecured Webcams Online 10 November 2014

    A site, known as Insecam, has listed more than 73,000 unsecured webcams and is currently broadcasting the feeds/surveillance footage over the Internet.
    Insecam claims that they've been able to access the feeds because owners have not changed their passwords from the generic ones that come with the devices – like 1234, or admin.

  • [SingCERT] SSLv3 "POODLE" Vulnerability 16 October 2014

    The Secure Sockets Layer version 3.0 is an old version of security technology for establishing an encrypted link between a server and a client.

  • [SingCERT] Leaked Dropbox Passwords 14 October 2014

    Online reports have revealed that some Dropbox accounts have been compromised. According to Dropbox’s media statement, the usernames and passwords were stolen from other services and they have since reset the "small number" of affected accounts.

  • [SingCERT] Bash Vulnerability 26 September 2014

    On 24th of September 2014, a vulnerability (CVE-2014-6271) affecting all Bash version 4.3 and below was reported in GNU Bash. The GNU Bash command-line shell is used in UNIX Operating Systems, including AIX, HPUX, Linux, Solaris and OSX.

  • [SingCERT] Protecting your Personal Data 22 September 2014

    A group, by the name of “The Knowns”, posted the personal data of customers from a Singapore company online to express their displeasure over recent policy changes.

  • [SingCERT] Protection of Data 16 September 2014

    A group, by the name of “The Knowns”, posted the personal data of customers from a Singapore company online to express their displeasure over recent policy changes.