TT-CSIRT – 456.08.05.26 – CYBERSECURITY ADVISORY: Critical Palo Alto Networks PAN-OS Vulnerability (CVE-2026-0300)

TT-CSIRT – 456.08.05.26 – CYBERSECURITY ADVISORY: Critical Palo Alto Networks PAN-OS Vulnerability (CVE-2026-0300)
By

CVE-2026-0300 is a critical buffer overflow vulnerability affecting the User-ID™ Authentication Portal (also known as the Captive Portal) service in PAN-OS. Successful exploitation may allow an unauthenticated remote attacker to execute arbitrary code with root privileges on affected PA-Series and VM-Series firewalls through specially crafted packets. Palo Alto Networks has confirmed that this vulnerability is […]

Read More
TT-CSIRT – 453.24.09.25 – Shai-Hulud Self-Replicating Worm Supply Chain Compromise
By

Please be advised, CISA has issued a critical alert regarding a widespread supply chain attack involving npmjs.com, the largest JavaScript package registry. A self-replicating worm named “Shai-Hulud” has compromised over 500 npm packages. After initial access, the attacker deployed malware scans for sensitive credentials such as GitHub Personal Access Tokens (PATs) and cloud service API […]

Read More
TT-CSIRT – 451.13.09.25 – Malware Alert: Azure Function Abuse
By

Please be advised there has been a discovery of a highly evasive attack using a malicious ISO image named Servicenow-BNM-Verify.iso, containing four files, with two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-verify.lnk, which launches PanGpHip.exe; a legitimate Palo Alto Networks binary. Hidden are libeay32.dll, a genuine OpenSSL library, and […]

Read More
TT-CSIRT – 450.29.08.25 – FreePBX Vulnerability
By

Please be advised, A critical vulnerability has been discovered in the FreePBX Endpoint module, affecting versions 15, 16, and 17. The vulnerability arises from improper sanitization of user-supplied data, which can be exploited by unauthenticated attackers to gain unauthorized access to the FreePBX Administrator Control Panel. Successful exploitation can result in arbitrary database manipulation and remote […]

Read More
TT-CSIRT – 436.24.10.24. Missing Authentication in FortiManager fgfmd
By

Fortinet has released a patch to address a critical vulnerability in their FortiManager product. This vulnerability allows threat actors to use a compromised FortiManager device to execute arbitrary code or commands via specially crafted requests against other FortiManager devices, through a missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon.   Reports have […]

Read More
TTCSIRT – 435.26.09.24: Phishing Alert
By

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is aware of a phishing email originating from a GovNeTT user’s compromised email “akesha.hazel@gov[.]tt’”. In this respect we are advising all persons not to engage with any emails received from the aforementioned email address with the following details: Persons who receive the email are advised […]

Read More
TTCSIRT 434.25.09.24: Keep Your Firewall Up to Date
By

Regularly updating your firewall is essential for maintaining a strong security posture, protecting your network and data, and mitigating the risks associated with cyber threats. From the Trinidad and Tobago perspective, the exploitation of outdated and unpatched firewall systems is one of the most successful attack vectors executed against local organizations. This email serves as […]

Read More
TTCSIRT – 433.23.09.24: Phishing Alert
By

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is aware of a phishing email originating from the Military Lead Training Academy’s (MiLAT) email “Milatacademydean@gov[.]tt’”. In this respect we are advising all persons not to engage with any emails received from the aforementioned email address with the following details: Persons who receive the email […]

Read More
TT-CSIRT – 432.10.09.24. SonicOS Improper Access Control Vulnerability
By

The TTCSIRT wishes to inform you of a recently identified vulnerability in SonicWall SonicOS. This improper access control issue affects SonicWall SonicOS management access and SSLVPN, potentially allowing unauthorized access to resources and, under certain conditions, causing the firewall to crash. The vulnerability impacts SonicWall Gen 5 and Gen 6 devices, as well as Gen […]

Read More
TTCSIRT 430.19.07.24: Global Outage Triggered by Faulty CrowdStrike Cybersecurity Update
By

A large-scale outage has occurred due to a broken CrowdStrike cybersecurity update, rendering Windows computers unable to start and affecting much of the world’s infrastructure. The problem stems from an issue with CrowdStrike’s Falcon Sensors, which encountered problems following an early Friday morning update.   PLEASE BE ADVISED: Only accept information from the CrowdStrike support […]

Read More

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Subscribe

Follow on social media:

Facebook-f X-twitter Linkedin-in Instagram