NCERT | National Computer Emergency Response Team Philippines

New Purple Fox Malware found in Malicious Telegram Messenger App

Security researchers have recently observed a malware distribution of Purple Fox Backdoor through trojanized installers of the Telegram messaging application. Based on the report of Minerva Labs (https://blog.minerva-labs.com/malicious-telegram-installer-drops-purple-fox-rootkit), this threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had continue reading : New Purple Fox Malware found in Malicious Telegram Messenger App

Apache Log4j Remote Code Execution (CVE-2021-44228)

A critical zero-day vulnerability in Apache Log4j2, a library used by millions for Java applications, that is being actively exploited in the wild was recently discovered that can allow a threat actor to gain system-level access to the vulnerable servers. Tracked as CVE-2021-42288, CERTS from different countries like New Zealand, Austria, and Germany have already continue reading : Apache Log4j Remote Code Execution (CVE-2021-44228)

PH among the targets of Chinese Hackers based on reports by Insikt Group

Recorded Future’s Insikt Group, a US-based private cybersecurity company, reported that Chinese state-sponsored hackers are currently targeting several Southeast Asian countries, specifically those with similar territorial claims or those involved in infrastructure development projects. The report mentioned the top five most targeted Southeast Asian countries were Malaysia, Indonesia, Vietnam, Myanmar, and the Philippines. ______________________________ A. continue reading : PH among the targets of Chinese Hackers based on reports by Insikt Group

Thousands of participants joined National Cyber Drill 2021

This year’s National Cyber Drill, anchored on the theme, “Cybersecurity Starts with You: Building a CyberSecure Society,” has brought together over a total of 2,255 participants from various walks of life, including employees and individuals from the private and government sectors and the academe. The participation rate in the two-day event held last November 24-25 continue reading : Thousands of participants joined National Cyber Drill 2021

Microsoft Zero-Day Vulnerability (CVE-2021-41379)

Security researcher Abdelhamid Naceri discovered a Zero-Day vulnerability affecting all supported versions of Windows. The working proof of concept (POC) exploit for this vulnerability was published on GitHub. To address this vulnerability, Microsoft had already released a patch to fix the security flaw during its monthly security update in November. Unfortunately, Microsoft failed to fix the continue reading : Microsoft Zero-Day Vulnerability (CVE-2021-41379)