Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers. Email is getting stuck in the queue, and these errors are caused by Microsoft Exchange checking the version of the FIP-FS antivirus scanning engine and attempting to store the date in a signed int32 variable.
Malicious text messages are being spammed to mobile users, containing a link which redirects Android users to download FluBot malware. The language and wording of the text message can vary, such as:
• You have a voicemail message.
• Your parcel is out for delivery. Click the link to track your parcel.
• Someone would like to share a photo album with you.
• Your Android device is infected with malware. You must install this security update to remove the malware.
BruCERT has received reports of a phishing email that claims to be from "BIBD Bank Darussalam Brunei" offering a COVID-19 relief fund to its customers.
BruCERT has received a report of a phishing scam involving Brunei Postal Services Department. An SMS message which appears to be from "Brunei Post" informs the recipient that their package has been relocated to a post office branch due to unpaid postage fees. The message includes a shortened link that will redirect the user to a fake website post-bn.com where they will be asked to enter their full name and credit card details.
Apple has released security updates for iPhones, iPads, Apple Watches and Mac computers to address vulnerabilities (CVE-2021-30860 and CVE-2021-30858) that were being exploited by Pegasus spyware.
The bug allowed for a "zero-click" install of the spyware which is capable of stealing data, passwords, and activating a phone's microphone or camera.
May lead to arbitrary code execution on affected products.
Apple devices running iOS, macOS and watchOS.
Due to the challenging pandemic situation in Brunei Darussalam where the population is advised to stay at home, cybercriminals are taking the opportunity to phish sensitive and confidential information by creating a fake website for well-known fast-food chains.
https:// bn-mcdelivery .ru
This website appears to be hosted in Russia, and offers meals at a very low price, with many menu items that are not available in Brunei outlets.
Attackers are now actively exploiting Microsoft Exchange Servers using ‘ProxyShell’ vulnerability to install backdoors for later access, which uses three chained MS vulnerabilities to perform unauthenticated, remote code execution. These chained vulnerabilities are exploited remotely through Microsoft Exchange's Client Access Service (CAS) running on port 443 in IIS.
The three chained vulnerabilities used in ‘ProxyShell’ attacks are: