GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP

A. Nature of Attack
a. Installation of Ransomware
Threat actors can use the obtained account credentials to log in to the system through Remote Desktop Protocol (RDP), allowing them to gain control over the system and perform malicious activities. The threat actors who install GlobeImposter are also assumed to use RDP as their attack …

Microsoft Releases February 2023 Patch Tuesday Security Updates

Microsoft has released its February 2023 Patch Tuesday security updates to fix multiple vulnerabilities in its products, including three (3) zero-day vulnerabilities (CVE-2023-21823, CVE-2023-21715, and CVE-2023-23376) that are currently reported to be exploited in the wild. Based on the official release notes from Microsoft, there are a total of 78 vulnerabilities. Of these vulnerabilities, 7 …

New Nevada Ransomware Targets Windows and VMware ESXi Systems

Security researchers have observed that a new ransomware operation, known as “Nevada”, has improved the functionality of its locker targeting Windows and VMware ESXi systems. On December 10, 2022, Nevada ransomware began to be advertised on the RAMP darknet forums, urging Chinese- and Russian-speaking threat actors to join it in exchange for an …

Dark Pink APT Group Targets Government and Military Organizations in Southeast Asia and Europe

A. Nature of the Attack
The initial infection starts with a targeted spear-phishing email, with a unique phishing email used depending on the targeted organization. There are 3 documented methods used after the initial access to the targeted assets.
1) First Method – Threat actors pack all of the files described above, including a malicious …