Threat actors have been detected to be targeting Zyxel’s firewall and WLAN controller products that contain an undocumented account with an unchangeable password, which can be found in cleartext in the product’s firmware. Tracked as CVE-2020-29583, a hardcoded credential vulnerability that exists in Zyxel firewalls and AP controllers with an unchangeable static plain-text password and continue reading : Zyxel’s Firewalls and AP Controllers Vulnerability (CVE-2020-29583)

TLP: White VENUE: Online (Email, Instant Messaging and Digital Distribution Platform, and Video Conferencing Platform) DATE: 26 November 2020 OBJECTIVES: Participants are expected: – To develop a proactive mindset and approach on cybersecurity– To be able to familiarize, detect, and respond to cyber threats promptly and effectively– To practice effective and adaptive incident handling and continue reading : NATIONAL CYBER DRILL 2020 PRESS RELEASE

The National Computer Emergency Response Team (CERT-PH) monitored a large-scale cyber-attack against government and non-government organizations involving the SolarWinds Orion network management tool, which is currently being exploited by threat actors worldwide. These highly skilled Nation-State Threat actors are weaponizing the SolarWinds Orion’s legitimate software update in order to distribute a malware called SUNBURST and continue reading : Software Supply Chain Attack against SolarWinds Affected Organizations Globally

DICT Cybersecurity Bureau thru the National Computer Emergency Response Team (CERT-PH) is inviting Government Agencies and Organizations from the Critical Information Infrastructure to register and participate in the Philippine National Cyber Drill 2020 on November 25-26, 2020, with the theme: “Strengthening Cybersecurity and Adopting to the New Normal through Incident Response and Collaboration”. The National continue reading : National Cyberdrill 2020