Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TT-CSIRT-426.14.02.24: Critical Patches Issued for Microsoft Products

Microsoft has released security updates to address vulnerabilities in multiple products; the most severe of which could allow for remote code execution. Additionally, two (2) zero day vulnerabilities related to Microsoft products have been identified that are CVE-2024-21351 – Windows SmartScreen Security Feature Bypass Vulnerability and CVE-2024-21412 – Internet Shortcut Files Security Feature Bypass Vulnerability.Affected …

TT-CSIRT 425 09.02.24: FortiOS Security Updates

Fortinet has released security updates to address two (2) critical vulnerabilities in FortiOS. TT-CSIRT encourages administrators to review the following releases and take the necessary actions immediately: CVE-2024-21762 – https://www.fortiguard.com/psirt/FG-IR-24-015 CVE-2024-23113 – https://www.fortiguard.com/psirt/FG-IR-24-029 Fortinet has noted that CVE-2024-21762 is potentially being exploited in the wild. If you have any queries, comments or require assistance, please …

TT-CSIRT – 424 17.01.24: Patch SonicWall Firewall Still Vulnerable to CVE-2023-0656 and CVE-2022-22274

Severity: Critical Overview: SonicWall Firewalls CVE-2022-22274 and CVE-2023-0656 have CVSS score of 9.4 and 7.5 respectively. A proof-of-concept has been published therefore the vulnerabilities are more susceptible to exploitation. Affected Systems: Various SonicWall devices, including TZ series, NSa models, NSsp series, and NSv models, are susceptible to the mentioned vulnerabilities. Description: Over 178,000 SonicWall firewalls …

TT-CSIRT – 423 02.01.24: Terrapin CVE-2023-48795 vulnerability in Secure Shell (SSH) cryptographic network protocol

Severity: Medium Overview: Terrapin (CVE-2023-48795, CVSS score: 5.9) allows remote attackers to bypass integrity checks such that some packets are omitted causing security features to be downgraded or disabled within a client and server connection (a Terrapin Attack). This allows attackers to exploit the SSH protocol, potentially gaining unauthorized access to sensitive information or compromising network …

TT-CSIRT-422.18.10.23: Cisco Security Vulnerability

Cisco has released a security advisory concerning a critical Privilege Escalation Vulnerability in their IOS XE software. Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software (CVE-2023-20198) when exposed to the internet or untrusted networks. This affects both physical and virtual …

TT-CSIRT-421.13.7.23: Fortinet Security Vulnerability

Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. TT-CSIRT encourages administrators to review the following release from Fortinet and take the necessary actions immediately: https://www.fortiguard.com/psirt/FG-IR-23-183

TT-CSIRT-420.11.7.23: Microsoft Windows and Office Zero Day Vulnerability

Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the …

TT-CSIRT-419.7.7.23: Ransomware Prevention and Response

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all organizations to take the necessary precautions to mitigate against rising ransomware attacks in Trinidad and Tobago. The following resources detail the necessary actions that must be taken to harden your organization: Ransomware Prevention Guide: https://ttcsirt.gov.tt/ransomware-prevention/ Ransomware Response Checklist: https://ttcsirt.gov.tt/ransomware-response-checklist/ Incident Reporting Should your organization fall …

TT-CSIRT-418.12.6.23: Fortinet Fortigate SSL-VPN Vulnerability

A critical Remote Code Execution vulnerability (CVE-2023-27997) has been identified in multiple versions of Fortinet Fortigate devices when SSL-VPN is enabled. Exploitation of this critical vulnerability could allow a malicious actor to gain remote code execution rights on the affected system, and perform unauthorized actions. TT-CSIRT encourages administrators to review the following release from the …

TT-CSIRT-417.9.6.23: Barracuda Email Security Gateway Appliance (ESG) Vulnerability

Barracuda has release new guidance in relation to a zero-day vulnerability discovered in their Email Security Gateway Appliance (ESG). Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG. Impacted ESG appliances must be immediately replaced regardless of patch version level. TT-CSIRT encourages administrators to review the following release and take the …