NCERT | National Computer Emergency Response Team Philippines

Microsoft Releases March 2023 Patch Tuesday Security Updates

_____________________________ A. List of Vulnerabilities Microsoft OneDrive CVE-2023-24930 Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability Elevation of Privilege Important Microsoft OneDrive CVE-2023-24923 Microsoft OneDrive for Android Information Disclosure Vulnerability Information Disclosure Important Microsoft Dynamics CVE-2023-24922 Microsoft Dynamics 365 Information Disclosure Vulnerability Information Disclosure Important Microsoft Dynamics CVE-2023-24921 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability continue reading : Microsoft Releases March 2023 Patch Tuesday Security Updates

Updating of SSL Certificates for Government Websites

_____________________________ A. Background SSL certificates are used to establish a secure and encrypted connection between a user’s browser and their website or portal. This encryption helps to protect sensitive information, such as personal data and financial information, from being intercepted and accessed by unauthorized third parties. However, SSL certificates have an expiration date, and if continue reading : Updating of SSL Certificates for Government Websites

GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP

_____________________________ A. Nature of Attack a. Installation of Ransomware Threat actors can use the obtained account credentials to log in to the system through Remote Desktop Protocol (RDP), allowing them to gain control over the system and perform malicious activities. The threat actors who install GlobeImposter are also assumed to use RDP as their attack continue reading : GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP

Microsoft Releases February 2023 Patch Tuesday Security Updates

Microsoft has released its February 2023 patch Tuesday security updates to fix multiple vulnerabilities in its products, including three (3) Zero-day vulnerabilities (CVE-2023-21823, CVE-2023-21715, and CVE-2023-23376) that are currently reported to be exploited in the wild. Based on the official release notes from Microsoft, there are a total of 78 vulnerabilities. Of these vulnerabilities, 7 continue reading : Microsoft Releases February 2023 Patch Tuesday Security Updates

Apple Releases Security Updates To Fix Multiple Vulnerabilities to Apple Products

_____________________________ A. Nature of the Vulnerability CVE-2023-23514 CVE-2023-23522 CVE-2023-23529 _____________________________ B. Affected Versions iOS and iPadOS MacOS _____________________________ C. Actions to be Taken CERT-PH recommends the following actions be taken: