NCERT | National Computer Emergency Response Team Philippines

Microsoft Win32K Vulnerability (CVE-2021-40449)

Microsoft released a security fix to an elevation of privilege vulnerability in Win32K Kernel. The flaw can be used together with other browser exploits to escape sandboxes or achieve system privileges. In addition, the company identified that the vulnerability is under active exploitation by threat actors. ______________________________ A. Nature of the Vulnerability The nature of continue reading : Microsoft Win32K Vulnerability (CVE-2021-40449)

Apache Zero-Day Vulnerability (CVE-2021-41773)

Apache has released version 2.4.50 of the HTTP Web server that addresses two vulnerabilities (CVE-2021-41773 and CVE-2021-41524), wherein one of the flaws is discovered to be actively exploited in the wild. The exploitation of the vulnerabilities could allow threat actors to file traversal attacks or perform denial of service on the affected vulnerable servers. ______________________________ continue reading : Apache Zero-Day Vulnerability (CVE-2021-41773)

CERT-PH Cyber Incident Drill (CCID) 2021

DICT Cybersecurity Bureau thru the National Computer Emergency Response Team (CERT-PH) is inviting Government Agencies and Organizations from the Critical Information Infrastructure (CII) Sectors of BANKING, BUSINESS PROCESS OUTSOURCING, FINANCIAL, and TELECOMMUNICATIONS to register and participate in the upcoming CERT-PH Cyber Incident Drill (CCID) 2021 on August 29, 2021, with the theme: “ENHANCING THE COLLABORATION continue reading : CERT-PH Cyber Incident Drill (CCID) 2021

Zimbra Webmail Server Vulnerabilities (CVE-2021-35208 and CVE-2021-35209)

Zimbra has addressed two vulnerabilities in its webmail server that could allow threat actors to gain unrestricted access to employee’s email accounts. This could lead to attackers having access to confidential information and documents, email contacts, and information, and can be used to conduct phishing and other malicious email campaigns. The vulnerabilities could be chained continue reading : Zimbra Webmail Server Vulnerabilities (CVE-2021-35208 and CVE-2021-35209)

Advanced Persistent Threat Group, LuminousMoth Targeting Government Organizations from the Philippines

An Advanced Persistent Threat (APT) Group, dubbed as LuminousMoth, was observed to be conducting a large-scale campaign targeting government entities and organizations from South East Asian countries, including Myanmar and the Philippines. The APT group is also associated with a known Chinese-speaking threat group, HoneyMyte/Mustang Panda, which was attributed to malicious campaigns targeting local high continue reading : Advanced Persistent Threat Group, LuminousMoth Targeting Government Organizations from the Philippines