Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TT-CSIRT-413.23.12.22: Parang, Pastelle and Ransomware

As we move into the back to back Christmas and New Year holiday weekends the Trinidad  and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all entities to take the necessary precautions to mitigate against rising ransomware attacks. This warning comes as there have been two major ransomware attacks on the financial sector within the …

TT-CSIRT-412.14.12.22: Critical Citrix ADC and Gateway Vulnerability

Citrix has released security updates to address a critical vulnerability in their Citrix ADC or Citrix Gateway products. The vulnerability in question is being tracked as CVE-2022-27518 and is a RCE vulnerability impacting Citrix ADC or Citrix Gateway when configured as a Security Assertion Markup Language (SAML) service provider (SP) or a SAML identity provider …

TT-CSIRT-411.14.12.22: Critical Fortinet SSL-VPN Vulnerability

Fortinet has released a security update to address a critical zero day vulnerability in their FortiOS SSL-VPN product. The vulnerability in question is being tracked as CVE-2022-42475 and is a heap-based buffer overflow in several versions of ForiOS that received a CVSSv3 score of 9.3. A remote, unauthenticated attacker could exploit this vulnerability with a …

Do the basics well

Attacks against local entities have been on the rise over the last 3 years and the TT-CSIRT has issued several advisories, alerts and guidance noting this uptick during that time. The necessary increase in digital transformation initiatives being pursued by both the public and private sector also inadvertently increases our viability as a target for …