Advisory | BruCERT

Organisations Are Encouraged To Urgently Strengthen Cyber Security Posture

Read more about Organisations Are Encouraged To Urgently Strengthen Cyber Security Posture

Cyber threats are expected to increase globally as a result of the current conflict in Europe. All organizations in Brunei Darussalam are advised to increase awareness and strengthen all critical systems to safeguard data against potential cyber-attacks, such as website defacement, distributed denial of service (DDoS), and ransomware attacks.

RECOMMENDATIONS

BruCERT recommends that the following immediate actions should be taken.

System hardening

Good Practices to Protect your Instagram Account

Read more about Good Practices to Protect your Instagram Account

BACKGROUND

Instagram is one of the most popular social media used in Negara Brunei Darussalam, with almost half of the population is using it for communicating. Losing access to your account can be a nightmare scenario for users.

TIPS FOR STAYING SAFE WHILE ON INSTAGRAM

Emergency fix for Exchange Y2K Bug

Read more about Emergency fix for Exchange Y2K Bug

BACKGROUND

Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers. Email is getting stuck in the queue, and these errors are caused by Microsoft Exchange checking the version of the FIP-FS antivirus scanning engine and attempting to store the date in a signed int32 variable.

FluBot Malware

Read more about FluBot Malware

BACKGROUND

Malicious text messages are being spammed to mobile users, containing a link which redirects Android users to download FluBot malware. The language and wording of the text message can vary, such as:
•   You have a voicemail message.
•   Your parcel is out for delivery. Click the link to track your parcel.
•   Someone would like to share a photo album with you.
•   Your Android device is infected with malware. You must install this security update to remove the malware.

Telephone Interview for Population and Housing Census (BPP) 2021

Read more about Telephone Interview for Population and Housing Census (BPP) 2021

BACKGROUND

BIBD COVID-19 Relief Fund Phishing Scam

Read more about BIBD COVID-19 Relief Fund Phishing Scam

BruCERT has received reports of a phishing email that claims to be from "BIBD Bank Darussalam Brunei" offering a COVID-19 relief fund to its customers.

BIBD COVID-19 Relief Fund Phishing Scam

Brunei Postal Services Department Phishing Scam

Read more about Brunei Postal Services Department Phishing Scam

BACKGROUND

BruCERT has received a report of a phishing scam involving Brunei Postal Services Department. An SMS message which appears to be from "Brunei Post" informs the recipient that their package has been relocated to a post office branch due to unpaid postage fees. The message includes a shortened link that will redirect the user to a fake website post-bn.com where they will be asked to enter their full name and credit card details.

IMPACT

Fake COVID-19 Relief Fund

Read more about Fake COVID-19 Relief Fund

BACKGROUND

Critical security update for Apple devices

Read more about Critical security update for Apple devices

BACKGROUND

Apple has released security updates for iPhones, iPads, Apple Watches and Mac computers to address vulnerabilities (CVE-2021-30860 and CVE-2021-30858) that were being exploited by Pegasus spyware.
The bug allowed for a "zero-click" install of the spyware which is capable of stealing data, passwords, and activating a phone's microphone or camera.

IMPACT

May lead to arbitrary code execution on affected products.

SYSTEM AFFECTED

Apple devices running iOS, macOS and watchOS.

Extortion scam utilizing Pegasus spyware

Read more about Extortion scam utilizing Pegasus spyware

BACKGROUND