NCERT | National Computer Emergency Response Team Philippines

Advanced Persistent Threat Group, LuminousMoth Targeting Government Organizations from the Philippines

An Advanced Persistent Threat (APT) Group, dubbed as LuminousMoth, was observed to be conducting a large-scale campaign targeting government entities and organizations from South East Asian countries, including Myanmar and the Philippines. The APT group is also associated with a known Chinese-speaking threat group, HoneyMyte/Mustang Panda, which was attributed to malicious campaigns targeting local high continue reading : Advanced Persistent Threat Group, LuminousMoth Targeting Government Organizations from the Philippines

State-Sponsored Threat Group, TAG-22, Targeting Government and CII Sectors

A Chinese state-sponsored group, tracked as Threat Activity Group 22 (TAG-22), was observed to be targeting telecommunications, academia, research and development, and government organizations in Nepal, the Philippines, Taiwan, and more historically, Hong Kong. In its recent activities, the threat group was monitored to be targeting vulnerable GlassFish servers and uses open-source tools to gain continue reading : State-Sponsored Threat Group, TAG-22, Targeting Government and CII Sectors

Kaseya Supply‑Chain Attack

Kaseya, an IT systems management solution provider, had disclosed that it suffered a sophisticated cyberattack affecting multiple managed service providers (MSPs) and their clients. The attack was attributed to REvil gang, an infamous cybercriminal group that is known to operate via Ransomware-as-a-Service, wherein the group compromised both providers and their clients’ system with their ransomware. continue reading : Kaseya Supply‑Chain Attack

PrintNightmare Zero-Day Vulnerability (CVE-2021-34527)

Microsoft has issued a security advisory following the leakage of the Proof-of-Concept (PoC) of a zero-day vulnerability found in Windows Spooler Driver that impacts all versions of Windows. In addition, the company identified that the vulnerability is under active exploitation by threat actors. As of this writing, there is no security update available that addresses continue reading : PrintNightmare Zero-Day Vulnerability (CVE-2021-34527)

CERT-PH Cyber Incident Drill (CCID) 2021

DICT Cybersecurity Bureau thru the National Computer Emergency Response Team (CERT-PH) is inviting Government Agencies and Organizations from the Critical Information Infrastructure (CII) Sector of GOVERNMENT AND EMERGENCY SERVICES and POWER to register and participate in the upcoming CERT-PH Cyber Incident Drill (CCID) 2021 on July 29, 2021, with the theme: “ENHANCING THE COLLABORATION AMONG continue reading : CERT-PH Cyber Incident Drill (CCID) 2021