Advisory

Spell-Jacking: Chrome and Edge Web Browsers Leaking Sensitive Information admin 27 Sep 2022

BACKGROUND
Researchers have found that add-on spellchecking features added to popular web browsers Google
Chrome and Microsoft Edge have been leaking sensitive information back to their parent companies
Google and Microsoft respectively. The transmitted data includes Personally Identifiable Information
(PII) such as name, address, email, date of birth, contact information, bank and payment information,
username and passwords.
Both browsers have basic built-in spellcheckers enabled by default, which do not transmit data back

Malicious Gaming Videos on YouTube Spreading Malware admin 21 Sep 2022

A new malware bundle uses victims' YouTube channels to upload malicious video tutorials advertising fake cheats for popular video games. The videos contain links to download the fake cracks and cheats which will actually install a collection of self-spreading malware.

 

Zero-click Hikvision Cameras RCE Flaw (CVE-2021-36260) admin 01 Sep 2022

BACKGROUND

More than 80,000 Hikvision cameras have been discovered to be vulnerable to exploitation and
exposed on the public Internet. These vulnerabilities were fixed by Hikvision last year, however there
are still cameras that have not been updated with the latest firmware thus remain unfixed. Hikvision
has released four repair firmware since the first repair.

Telegram Takeover admin 12 Aug 2022

BACKGROUND
 
An increasing number of local Telegram users have reported to BruCERT since April this year that their accounts had been hacked or taken over. It is suspected that the number of unreported cases could be much higher. 
 
MODUS OPERANDI
•     The user receives a message from Telegram containing a 5-digit login code as a result of the scammer trying to register the user’s phone number.

Organisations Are Encouraged To Urgently Strengthen Cyber Security Posture admin 17 Mar 2022

Cyber threats are expected to increase globally as a result of the current conflict in Europe. All organizations in Brunei Darussalam are advised to increase awareness and strengthen all critical systems to safeguard data against potential cyber-attacks, such as website defacement, distributed denial of service (DDoS), and ransomware attacks. 

RECOMMENDATIONS

BruCERT recommends that the following immediate actions should be taken. 

S​ystem hardeni​ng

Good Practices to Protect your Instagram Account admin 17 Mar 2022

BACKGROUND

Instagram is one of the most popular social media used in Negara Brunei Darussalam, with almost half of the population is using it for communicating. Losing access to your account can be a nightmare scenario for users.

TIPS FOR STAYING SAFE WHILE ON INSTAGRAM

Emergency fix for Exchange Y2K Bug admin 04 Jan 2022

BACKGROUND
 
Microsoft has released an emergency fix for a year 2022 bug that is breaking email delivery on on-premise Microsoft Exchange servers. Email is getting stuck in the queue, and these errors are caused by Microsoft Exchange checking the version of the FIP-FS antivirus scanning engine and attempting to store the date in a signed int32 variable.

FluBot Malware admin 08 Dec 2021

BACKGROUND

Malicious text messages are being spammed to mobile users, containing a link which redirects Android users to download FluBot malware. The language and wording of the text message can vary, such as: 
•    You have a voicemail message.
•    Your parcel is out for delivery. Click the link to track your parcel.
•    Someone would like to share a photo album with you.
•    Your Android device is infected with malware. You must install this security update to remove the malware.

Telephone Interview for Population and Housing Census (BPP) 2021 admin 15 Nov 2021

BACKGROUND

BIBD COVID-19 Relief Fund Phishing Scam admin 09 Nov 2021

BruCERT has received reports of a phishing email that claims to be from "BIBD Bank Darussalam Brunei" offering a COVID-19 relief fund to its customers.

BIBD COVID-19 Relief Fund Phishing Scam