NCERT | National Computer Emergency Response Team Philippines

SharpPanda: APT Group Targeting Southeast Asian Countries

An ongoing cyber espionage and surveillance campaign of an APT Group, SharpPanda, was discovered and identified to be targeting Southeast Asian government with a newly deployed backdoor malware. The malware was said to be developed, tested, and deployed over the past three years in order to compromise systems of a Southeast Asian government’s Ministry of continue reading : SharpPanda: APT Group Targeting Southeast Asian Countries

CERT-PH Cyber Incident Drill (CCID) 2021

DICT Cybersecurity Bureau thru the National Computer Emergency Response Team (CERT-PH) is inviting Government Agencies and Organizations from the Critical Information Infrastructure (CII) Sector of HEALTHCARE, MEDIA, TRANSPORTATION AND LOGISTICS, and WATER to register and participate in the upcoming CERT-PH Cyber Incident Drill (CCID) 2021 on June 24, 2021, with the theme: “ENHANCING THE COLLABORATION continue reading : CERT-PH Cyber Incident Drill (CCID) 2021

Adobe Reader Zero-day Vulnerability (CVE-2021-28550)

Adobe released its monthly security update that addressed several vulnerabilities in its products, including a zero-day vulnerability impacting its Acrobat Reader products for Windows systems that is reported to be actively exploited in the wild. Successful exploitation of the flaw could allow attackers to arbitrary code execution. ______________________________ A. Nature of the Vulnerability Description of continue reading : Adobe Reader Zero-day Vulnerability (CVE-2021-28550)

Dell Driver Vulnerabilities (CVE-2021-21551)

Dell has addressed vulnerabilities in its BIOS driver software used across its desktop and laptop PCs, notebooks, and tablet products. The vulnerable driver, dbutil_2_3.sys, is used in firmware update utility packages, Dell Command Update, Dell Update, Alienware Update, Dell System Inventory Agent, or Dell Platform Tags to update drivers, BIOS, and firmware for Dell products. continue reading : Dell Driver Vulnerabilities (CVE-2021-21551)

21Nails, A Collection of Exim Vulnerabilities

A collection of critical vulnerabilities was found in Exim mail server that consisted of twenty-one flaws that can be exploited locally and remotely. some of which when chained together, could allow attackers to execute arbitrary code, modify email settings and configuration, create new accounts, even gain root privilege on affected mail servers with default or continue reading : 21Nails, A Collection of Exim Vulnerabilities