[ALERT] ADVISORY ON STAYING CYBER SAFE WHEN WORKING FROM HOME

Submitted by irteam on Fri, 04/03/2020 - 13:32

Background

With the ongoing COVID-19 outbreak and in view of Brunei's Ministry of Health advisory to implement social distancing measures, many organizations are encouraging or requiring staff to work from home for an indeterminate amount of time.

However, remote working creates additional opportunities for cyber threat actors to perform malicious cyber activities by exploring open vulnerabilities in less secured networks, thus gaining access to users’ data or the organization's network.

[ALERT] ADVISORY ON ZEUS SPHINX BANKING TROJAN

Submitted by irteam on Thu, 04/02/2020 - 07:21

BACKGROUND

Zeus Sphinx trojan first appeared in August 2015. Also known as Zloader or Terdot, it resurfaced in December 2019 and became aggressive in March 2020. Like other banking trojans, Sphinx’s main ability is to collect credentials for online banking sites and the newer version is looking to cash in on interest in government relief efforts around the Covid- 19 pandemic.

[ALERT] ADVISORY ON MICROSOFT TEAMS

Submitted by irteam on Mon, 03/30/2020 - 10:46

Threat Name:
MICROSOFT TEAMS


Background Description:
Many organizations and schools have moved to online platforms due to the global Covid-19 pandemic situation. One of the popular online platforms being used for communications is Microsoft Teams.
 

Impact:

  •  Use of weak passwords may lead to compromised account and personal information.
  • Allow unauthorized user access to the document

Recommendation:

[ALERT] ADVISORY ON GOOGLE CLASSROOM

Submitted by irteam on Mon, 03/30/2020 - 10:41

Threat Name
GOOGLE CLASSROOM

Background Description
As Brunei has implemented e-learning and e-teaching, various online platforms are being used to facilitate online studies. Google Classroom is one of the popular options being utilized.
 

Impact
Use of weak passwords may lead to compromised account and personal information.
 

Recommendation

[ALERT] ADVISORY ON WINDOWS TYPE 1 FONT PARSING REMOTE CODE EXECUTION VULNERABILITY

Submitted by irteam on Thu, 03/26/2020 - 07:17

Background Description
Microsoft has warned public that Windows code-execution zero day is under active exploit. The vulnerability consists of two code-execution flaws that can be triggered from improper handling of maliciously crafted master fonts in the Adobe Type 1 Postscript format. Attackers can exploit them by convincing a target to open a specially crafted document or viewing it in the Windows preview pane.


Impact

[ALERT] ADVISORY ON COVID-19 ONLINE FRAUD

Submitted by irteam on Tue, 03/17/2020 - 02:26

Background:

The Covid-19 outbreak has shown a very drastic effect globally, with no exception to Brunei Darussalam. As the virus continues to spread, online platforms are now a key target for scammers to reach potential victims through "Phishing”, (e.g. fake online shopping sites and email) and "Smishing" (via text messages in which scammers normally offer free face masks, or even cures, vaccine and treatment for COVID-19).

Impact:

[ALERT] ANDROID MALWARE CAN STEAL GOOGLE AUTHENTICATOR 2FA CODES

Submitted by irteam on Thu, 03/12/2020 - 02:06


Background
Last month, a cybersecurity firm discovered that this malware can now steal 2FA codes from Google Authenticator app and doing a simple technique by screenshotting the Authenticator app's interface.

Android banking trojan namely "Cerberus" malware has the capability to steal One-Time Password (OTP) generated through Google Authenticator app that's used as 2FA for many online accounts.

Impact
•    Possible loss of sensitive information especially your bank account credentials

[ALERT] ADVISORY ON COVID-19 FAKE NEWS

Submitted by irteam on Tue, 03/10/2020 - 08:44

Background

As Brunei announced its first case of COVID-19, some have taken advantage of the situation by creating and circulating fake news regarding the issue, in an attempt to create panic and cause distress. Be careful about what you share on social media and check your sources before forwarding messages.


Recommendations