Thousands of participants joined National Cyber Drill 2021

This year’s National Cyber Drill, anchored on the theme, “Cybersecurity Starts with You: Building a CyberSecure Society,” has brought together over a total of 2,255 participants from various walks of life, including employees and individuals from the private and government sectors and the academe.     The participation rate in the two-day event held last November 24-25 continue reading : Thousands of participants joined National Cyber Drill 2021

Microsoft Zero-Day Vulnerability (CVE-2021-41379)

Security researcher Abdelhamid Naceri discovered a Zero-Day vulnerability affecting all supported versions of Windows. The working proof of concept (POC) exploit for this vulnerability was published on GitHub. To address this vulnerability, Microsoft had already released a patch to fix the security flaw during its monthly security update in November. Unfortunately, Microsoft failed to fix the continue reading : Microsoft Zero-Day Vulnerability (CVE-2021-41379)

TA2722 Impersonates as a Government Entity from Philippines

An Advanced Persistent Threat (APT) Group dubbed as TA2722/Balikbayan Foxes was recently discovered impersonating as from DHL Philippines and Philippine Government entities including the Department of Health, the Philippine Overseas Employment Administration (POEA), and the Bureau of Customs, and the Manila embassy for the Kingdom of Saudi Arabia (KSA) targeting businesses from Shipping/Logistics Manufacturing, Business continue reading : TA2722 Impersonates as a Government Entity from Philippines

Microsoft Win32K Vulnerability (CVE-2021-40449)

Microsoft released a security fix to an elevation of privilege vulnerability in Win32K Kernel. The flaw can be used together with other browser exploits to escape sandboxes or achieve system privileges. In addition, the company identified that the vulnerability is under active exploitation by threat actors. ______________________________ A. Nature of the Vulnerability The nature of continue reading : Microsoft Win32K Vulnerability (CVE-2021-40449)

Apache Zero-Day Vulnerability (CVE-2021-41773)

Apache has released version 2.4.50 of the HTTP Web server that addresses two vulnerabilities (CVE-2021-41773 and CVE-2021-41524), wherein one of the flaws is discovered to be actively exploited in the wild. The exploitation of the vulnerabilities could allow threat actors to file traversal attacks or perform denial of service on the affected vulnerable servers. ______________________________ continue reading : Apache Zero-Day Vulnerability (CVE-2021-41773)