NCERT | National Computer Emergency Response Team Philippines

Remote Code Execution Vulnerability in Sophos Firewall (CVE-2022-1040)

A British-based security provider, Sophos, has addressed a critical vulnerability in Sophos Firewall product after security researchers responsibly disclosed it through Sophos bug bounty program. All Sophos Firewall prior to versions 18.5 MR3 (18.5.3) are affected by the security flaw, which users/administrators should already get the hotfixes automatically by default. ______________________________ A. Nature of the continue reading : Remote Code Execution Vulnerability in Sophos Firewall (CVE-2022-1040)

Cyclops Blink Targeting Asus Routers

ASUS has released a security advisory to provide information and mitigation for the Russian-linked advanced persistent threat (APT)) group Sandworm or Voodoo Bear malware dubbed as Cyclops Blink. Based on a report by Trend Micro, they’ve acquired a variant of the Cyclops Blink targeting multiple ASUS routers that are believed to establish persistence to the continue reading : Cyclops Blink Targeting Asus Routers

CISA Adds 95 Known Exploited Vulnerabilities to Catalog

CISA has added 95 new vulnerabilities to its known exploited vulnerabilities catalog. Based on the evidence, the security flaws listed are currently actively exploited in the wild used for a cyber-attack that may pose a significant risk to enterprises. CERT-PH urges agencies using products listed below to check, and remediate the issues presented in a continue reading : CISA Adds 95 Known Exploited Vulnerabilities to Catalog

ESET Local Privilege Escalation Vulnerability (CVE-2021-37852)

Internet Security Company, ESET, has fixed the local privilege escalation in multiple ESET products for Windows. Through the coordination of Michael DePlante, a security researcher from Trend Micro’s Zero Day Initiative team, ESET became aware of the vulnerability and mitigated it by releasing a fixed product version. According to ESET, there are no existing exploits continue reading : ESET Local Privilege Escalation Vulnerability (CVE-2021-37852)

Earth Lusca Targets Organization including the Philippine Government

Based on a report issued by Trend Micro, malicious campaigns target organizations globally including the Philippine government. The adversary was dubbed as Earth Lusca, a financially motivated elusive threat actor based in China, that uses traditional social engineering such as spear phishing and watering holes. Telemetry data gathered by Trend Micro revealed that Earth Lusca continue reading : Earth Lusca Targets Organization including the Philippine Government