NCERT | National Computer Emergency Response Team Philippines

Updating of SSL Certificates for Government Websites

_____________________________ A. Background SSL certificates are used to establish a secure and encrypted connection between a user’s browser and their website or portal. This encryption helps to protect sensitive information, such as personal data and financial information, from being intercepted and accessed by unauthorized third parties. However, SSL certificates have an expiration date, and if continue reading : Updating of SSL Certificates for Government Websites

GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP

_____________________________ A. Nature of Attack a. Installation of Ransomware Threat actors can use the obtained account credentials to log in to the system through Remote Desktop Protocol (RDP), allowing them to gain control over the system and perform malicious activities. The threat actors who install GlobeImposter are also assumed to use RDP as their attack continue reading : GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP

Microsoft Releases February 2023 Patch Tuesday Security Updates

Microsoft has released its February 2023 patch Tuesday security updates to fix multiple vulnerabilities in its products, including three (3) Zero-day vulnerabilities (CVE-2023-21823, CVE-2023-21715, and CVE-2023-23376) that are currently reported to be exploited in the wild. Based on the official release notes from Microsoft, there are a total of 78 vulnerabilities. Of these vulnerabilities, 7 continue reading : Microsoft Releases February 2023 Patch Tuesday Security Updates

Apple Releases Security Updates To Fix Multiple Vulnerabilities to Apple Products

_____________________________ A. Nature of the Vulnerability CVE-2023-23514 CVE-2023-23522 CVE-2023-23529 _____________________________ B. Affected Versions iOS and iPadOS MacOS _____________________________ C. Actions to be Taken CERT-PH recommends the following actions be taken:

New Nevada Ransomware Targets Windows and VMware ESXi Systems

A new ransomware operation, known as “Nevada”, has been observed by security researchers that its functionality for the locker targeting Windows and VMware ESXi systems has improved. On December 10, 2022, Nevada ransomware began to be advertised on the RAMP darknet forums, urging Chinese- and Russian-speaking threat actors to join it in exchange for an continue reading : New Nevada Ransomware Targets Windows and VMware ESXi Systems