Photographer: Johannes Eisele/AFP via Getty Images

Weekly Updates


March 21, 2024
Updated on March 21, 2024
{{bullet-1}}
{{bullet-2}}
Share this article
Email

[CyberSecurity.PH #018] – Philippine law-enforcement frees hundreds of enslaved romance-scam workers; China backed Earth Krahang exploits inter-governmental trust; Acer confirms Philippines employee data leak; Active cyber-attacks on critical water infrastructure; More vulnerabilities from Fortinet, Fortra and Ivanti


Philippines

  • China-linked threat actor “Earth Krahang” targeting Southeast Asian countries including Philippines with new backdoors
  • Philippine law-enforcement free hundreds of workers from romance-scam operation
  • Acer confirms via Twitter that Philippines employee data has been leaked

Cybersecurity Threat Landscape

  • United States White House issues warning governors of active cyber-attacks on critical water infrastructure
  • Supply chain threat vendor Microsoft patch 60 vulnerabilities including 18 RCEs

Cybersecurity Vulnerabilities

  • Fortinet warns of critical RCE bug in their endpoint software
  • Vulnerability in WordPress Popup Builder used to infect 3,300 sites with malware
  • Fortra Releases update for critical severity vulnerability
  • Ivanti fixes critical Standalone Sentry vulnerability

Cybersecurity Engineering

  • Trufflehog
  • Sign1 Malware Analysis