Published on Wednesday, 09 August 2017 22:10 BackgroundSingCERT has observed an increase in defacement activities affecting websites hosted in Singapore in early August 2017. A website defacement is an attack on a website that changes the visual appearance of the site or a webpage. This is usually done by exploiting Continue Reading

Published on Friday, 14 July 2017 16:33 BackgroundApache Struts is a popular, free, open-source web application framework for developing Java web applications. Struts is well-known for its extensible “plug-in” architecture. On 9th July 2017, the Apache Software Foundation announced that a high-risk security vulnerability (S2-048) was discovered in its Apache Continue Reading

10 Jul 2017 INTRODUCTION The Ministry of Communications and Information (MCI) and the Cyber Security Agency of Singapore (CSA) would like to invite the public to provide feedback on the draft Cybersecurity Bill. SCOPE OF CONSULTATION 2          Cyber-attacks are getting increasingly frequent, sophisticated and impactful. Globally, we have also seen Continue Reading

10 Jul 2017 The Ministry of Communications and Information (MCI) and the Cyber Security Agency of Singapore (CSA) invite the public to provide feedback on the proposed Cybersecurity Bill. The public consultation exercise will run from 10 July to 3 August 2017.  Fast-evolving cybersecurity landscape  Cyber-attacks are getting increasingly frequent, Continue Reading

Published on Saturday, 08 July 2017 22:03 BackgroundBerkeley Internet Name Domain (BIND) is a DNS implementation solution developed by the Internet Software Consortium (ISC) that is widely used in Unix and Linux operating systems. A Domain Name System or Service or Server (DNS) acts like yellow pages for the Internet. Continue Reading

06 Jul 2017 Singapore and Germany today signed a Joint Declaration on strengthening cybersecurity cooperation in conjunction with Prime Minister Lee Hsien Loong’s official visit to Berlin, Germany.  The Joint Declaration was signed by Mr David Koh, Chief Executive, Cyber Security Agency of Singapore (CSA), and Dr. Thomas Fitschen, Director Continue Reading

Published on Friday, 23 June 2017 14:51 BackgroundRecently, SingCERT has noted an increase in the number of reports on phishing emails sent from fake logistics companies.   Phishing is one of the simplest and more effective ways of obtaining sensitive information from users. The information includes passwords, bank account details Continue Reading

Published on Wednesday, 28 June 2017 22:07 BackgroundOn 27th June 2017, SingCERT was alerted to the occurrence of a Petya variant also known as Petna, which has impacted organisations in Ukraine and other parts of Europe. Petya/Petna works by modifying Window’s Master Boot Record (MBR), causing the system to crash. Continue Reading

Published on Wednesday, 28 June 2017 00:30 BackgroundOn 27th June 2017, SingCERT was alerted to a new variant of the Petya malware known as Petna, which spreads via the Microsoft Windows SMB protocol based on the ETERNALBLUE exploit. This is a similar exploit to the WannaCrypt/WannaCry ransomware earlier in May Continue Reading

Published on Monday, 15 May 2017 21:56 BackgroundOn 12th May 2017, there was a global wide-spread infection of a ransomware known as “WannaCry”, aka. WanaCrypt0r. This ransomware exploits a known critical Microsoft Windows Server Message Block 1.0 (SMB) vulnerability (MS17-010), which allows remote code execution, providing a worm-like capability to Continue Reading