The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) has observed a significant increase in ransomware attacks targeting local organizations. Ransomware is a type of malware that prevents users from accessing their system or files and demands a ransom payment in order to regain access. Threat actors have also threaten to publish or sell …
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the Mozilla Security Advisories for Firefox 82, Firefox ESR 78.4, and Thunderbird 78.4 and apply the necessary updates.
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. Illustrator: APSB20-53 Dreamweaver: APSB20-55 Marketo: APSB20-60 Animate: APSB20-61 After Effects: APSB20-62 Photoshop: …
Google has released Chrome version 86.0.4240.111 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. TTCSIRT encourages users and administrators to review and apply the necessary changes. For further information and support, please visit the link below:Chrome Release
Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition. Administrators are encouraged to review and apply the …
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes an OS command injection vulnerability (CVE-2020-6364) affecting SAP Solution Manager and SAP Focused Run. Administrators are encouraged to review and apply the necessary updates. For further information and support, …
Adobe has released security updates to address a vulnerability affecting Flash Player. An attacker could exploit this vulnerability to take control of an affected system. Administrators are encouraged to review Adobe Security Bulletin APSB20-58 and apply the necessary update. For further information and support, please visit the following link:Adobe Security Update release
The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to obtain sensitive information. Administrators are encouraged to review Apache Security Advisory for CVE-2020-13943 and upgrade to the appropriate version. For further information and support, please visit the following link:Apache Security updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Administrators are encouraged to review and apply the necessary updates. Please review Security Update Summary for further information on software to be updated.
The malware variant, known as SlothfulMedia, has been used by a sophisticated cyber actor. CISA and CNMF are distributing this MAR to enable network defense and reduced exposure to malicious activity. This MAR includes suggested response actions and recommended mitigation techniques. The sample is a dropper, which deploys two files when executed. The first is …