[ALERT] FACEAPP PRIVACY ISSUE

Submitted by irteam on Mon, 07/22/2019 - 08:29

FaceApp’s viral challenge had attracted around 80 million users for both IOS and Android which uses artificial intelligence to digitally transform a face to make it smile, look younger, look older or change gender.Its Privacy policy states that it could collects location information and details about users' browsing activities
Information gathered will be share to third-party advertisement partners to deliver targeted ads.It could collect data without user permissions

Affected System
IOS and Android


Recommendations

[ALERT] ADVISORY ON WHATSAPP VULNERABILITY

Submitted by irteam on Wed, 05/15/2019 - 08:43

Background

A vulnerability is discovered in WhatsApp messaging app that exploit and inject spyware onto Android and IOS phones. By just simply calling the target,The spyware (known as NSO Pegasus), can be installed without trace and without the target answering the call.
Once installed, the spyware can turn on a phone’s camera and mic, scan emails and messages, and collect the user’s location data.
WhatsApp is urging its 1.5 billion global users to update the app immediately to close the security hole.

[ALERT] ADVISORY ON REMOTE CODE EXECUTION (CVE-2019-0232) IN APACHE TOMCAT

Submitted by irteam on Mon, 04/15/2019 - 21:12

Background

Apache Software Foundation has released security updates for Apache Tomcat to address vulnerability. A Remote Code Execution vulnerability (CVE-2019-0232) resides in the Common Gateway Interface (CGI) Servlet when running on Windows with enableCMDLineArguments enabled. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.

Affected System

  1. Apache Tomcat 9.0.0.M1 to 9.0.17
  2. Apache Tomcat 8.5.0 to 8.5.39
  3. Apache Tomcat 7.0.0. to 7.0.93

Recommendations

Microsoft released April 2019 Security Updates

Submitted by irteam on Thu, 04/11/2019 - 21:10

Microsoft has released April 2019 Security Updates to address vulnerabilities in its Windows Operating System and other products in which 13 of it are rated critical and the others are rated important in severity.

Users and System Administrators are highly recommended to install the latest security patches to avoid hackers or cybercriminals from taking control of their computers.

[ALERT] ADVISORY ON PHISHING CAMPAIGN RELATED TO BRUNEI SYARIAH LAW IMPLEMENTATION

Submitted by irteam on Fri, 04/05/2019 - 08:52

Background
As Brunei recently announced the implementation of Syariah law, it has been discovered that some parties are taking advantage of the current situation to carry out phishing campaigns. Phishing emails appear to have a subject matter related to the implementation of Syariah law. Such emails may contain malicious attachments or a link to a phishing website.

[ALERT] ADVISORY ON WINDOWS 7 END OF SUPPORT

Submitted by irteam on Tue, 03/26/2019 - 20:48

Background

Microsoft will no longer provide security updates or technical support for PCs running Windows 7 after January 14, 2020.

Affected System

Microsoft Windows 7 

Impact

Computer that are running Windows 7 will still operating even after the support ends. However, there will be a greater risk to viruses, threats and attacks as users using unsupported software.  

Recommendations