Advisories & Alerts

  • [SingCERT] Software Vulnerability in Symantec's Antivirus Engine 19 May 2016

    Symantec’s Antivirus Engine (AVE) has been reported as vulnerable to memory corruption due to a flaw when parsing a specially crafted Portable Executable (PE) file. On computers that are running Windows operating system, a successful exploitation of the vulnerability will result in a system crash – displaying a blue screen commonly known as Blue Screen of Death. This advisory is provided for users who are currently using Symantec Antivirus Engine on their computers.

  • [SingCERT] Ransomware 06 May 2016

    Ransomware is a type of malware that holds a victim’s files, computer system or mobile device ransom, restricting access until a ransom is paid. Operating systems that can be infected include Windows, Mac OS X and Linux. Some ransomware variants are also known to traverse across the network and encrypt all files stored in shared and/or network drives. The more prevalent type of ransomware today encrypts commonly-used files, such as user documents, images, audio, and video files. By encrypting these files with a strong encryption (2048-bit or more), these files are rendered irrecoverable unless a decryption key is obtained.

  • [SingCERT] Software Vulnerability Discovered by CISCO in their ASA Software 11 February 2016

    This vulnerability was discovered in the Cisco Adaptive Security Appliance (ASA) software. The Cisco ASA is an IP router which serves as an application-aware firewall, network antivirus, intrusion prevention system, and virtual private network (VPN) server. On 10 Feb 2016, CISCO published a security advisory to address this software vulnerability (CVE-2016-1287).

  • [SingCERT] Multiple Security Issues with Juniper ScreenOS 22 December 2015

    Juniper found two security issues with ScreenOS during an internal code review – one that could allow unauthorised control of the affected system and the other which could allow an attacker to decrypt VPN traffic.

  • [SingCERT] Malware Targeting Mobile Banking 15 December 2015

    The Association of Banks in Singapore (ABS) released an advisory on 1st December 2015, alerting consumers about the recent malware infection on Android smartphones used by mobile banking customers. It is noted that about 50 such incidents have been reported and the victims are predominantly customers of major banks in Singapore.

    The malware is downloaded when the user clicks on a malicious URL or has installed an application from untrusted sources. The malware disguises itself as a legitimate application such as Adobe Flash Player (which is misspelt as “Abode”) and tricks users into allowing it to be installed into the smartphone. Upon installation, the malware can access sensitive information such as user credentials and personal particulars. The malware affects Android users using Android version 2.3 and above.

  • [SingCERT] Fake Websites Hosted by 15 December 2015

    CSA has been alerted to mirrored faked websites hosted by “” (see below screenshot). Numerous Singapore agencies and companies have been found to be affected.

    The content of the genuine websites have been copied to these fake websites and additional URL links have been appended below. Android mobile users have also encountered pop-up dialog boxes when they accessed these websites.

  • [SingCERT] Alert: Fake MOM Websites Found 24 November 2015

    Numerous fake MOM (Ministry of Manpower) websites have been reported. The official MOM corporate website has been duplicated to lead people into believing that they are on the official MOM website. MOM is working to bring down these websites.

  • [SingCERT] Defacement of .sg Websites 18 November 2015

    Recently, many .sg websites have been defaced. All of the websites are hosted on Windows 2000 Server and Windows Server 2003.

    Initial investigations suggest that unpatched WebDAV vulnerability may be the cause of defacement.

  • [SingCERT] Adobe Flash Zero Day Vulnerability 14 October 2015

    Trend Micro has reported that researchers have discovered a new Adobe Flash Player zero-day vulnerability. Currently, no patch is available.

  • [SingCERT] Business Email Frauds 09 October 2015

    Several businesses have been tricked into transferring substantial amounts of money to fraudulent bank accounts, resulting in financial loss.