Advisory

Apple Security Update Fixes Vulnerabilities Linked To Pegasus Spyware

BACKGROUND

Apple has released security updates for iOS, macOS, iPadOS and watchOS to fix two zero-day vulnerabilities that have been exploited in the wild to compromise Apple products. The exploit allows attackers to target victims with NSO Group’s Pegasus spyware without any interaction from the targeted user.

The two known vulnerabilities are tracked as CVE-2023-41064 and CVE-2023-41061. 

IMPACT

URGENT UPDATE FOR APPLE DEVICES TO ADDRESS ZERO-DAY BUG admin 17 Jul 2023

BACKGROUND

Apple users are strongly advised to install an urgent Rapid Security Response (RSR) update to address a vulnerability that impacts fully patched iPhones, Macs, and iPads. The RSR patches include updates for the latest versions of macOS, iOS, iPadOS, and Safari.

IMPACT

Critical Vulnerability in FortiOS SSL-VPN Targeting Governments admin 30 Jan 2023

BACKGROUND

Fortinet has issued a warning on a vulnerability affecting several versions of Fortinet FortiOS used in its FortiGate secure socket layer virtual private network (SSL VPN) and firewall products. The security flaw is tracked as CVE-2022-42475, which is rated Critical and assigned a CVSS score of 9.3 out of 10. The attacks are said to be complex and highly targeted at “governmental or government-related targets.”

Dridex Malware Targeting MacOS admin 17 Jan 2023

BACKGROUND
 
Dridex, also known as Bugat and Cridex, is a banking malware that steals sensitive data from infected machines and also delivers and executes malicious modules. Previously targeting Windows computers, it is now targeting Macs, spreading through email attachments that look like regular documents.
 
MODUS OPERANDI
 

WhatsApp Stolen Accounts admin 30 Nov 2022

An increasing number of local WhatsApp users have reported their accounts being hacked recently. The user receives an SMS containing a 6-digit verification code, then someone on WhatsApp asks for the code. Once the code is shared, the scammer is able to log in to the user's WhatsApp account, and the user is logged out.

High Severity OpenSSL Vulnerabilities admin 08 Nov 2022

Two new buffer overflow vulnerabilities, assigned CVE-2022-3602 and CVE-2022-3786, have just been disclosed in OpenSSL versions 3.0.0 to 3.0.6.

Authentication Bypass Vulnerability in Fortinet Products (CVE-2022-40684) admin 12 Oct 2022

In Brunei, there are over 200 Fortinet devices exposed to the Internet, and it is strongly advisable that the affected agencies patch their devices as soon as possible.

Zero Day Exchange Vulnerabilities / CVE-2022-41040 and CVE-2022-41082 admin 10 Oct 2022

BACKGROUND
      
Microsoft security researchers announced two new zero-day vulnerabilities, CVE-2022-41040 and CVE-2022-41082, affecting Microsoft Exchange Server.
 
The first one, identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability, while the second one, identified as CVE-2022-41082, allows remote code execution (RCE) when Exchange PowerShell is accessible to the attacker.

Hacked Business Instagram Account admin 10 Oct 2022

BACKGROUND
 
BruCERT has received an alarming number of reports from users whose Instagram accounts have been taken over, with a demand for ransom to be paid in order to regain access to their accounts. The main targets are Instagram business accounts or personal accounts with many followers and their contact number in their profile.
 

“NullMixer” Infecting Windows PCs With Dozens Of Malware

BACKGROUND
      
Cybercriminals are targeting users who search for cracked software by promoting malicious websites that offer installers which deploy a malware called NullMixer. This new malware dropper is infecting Windows devices with a dozen malware families simultaneously.
 
These infections range from password-stealing trojans, backdoors, spyware, bankers, fake Windows system cleaners, clipboard hijackers, cryptocurrency miners, and even further malware loaders.