Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-369.10.14.20: TT-CSIRT ADVISORY – Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition. Administrators are encouraged to review and apply the …

TTCSIRT-368.10.14.20: TT-CSIRT ADVISORY – SAP October 2020 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes an OS command injection vulnerability (CVE-2020-6364) affecting SAP Solution Manager and SAP Focused Run. Administrators are encouraged to review and apply the necessary updates. For further information and support, …

TTCSIRT-367.10.14.20: TT-CSIRT ADVISORY – Adobe Security Updates for Flash Player

Adobe has released security updates to address a vulnerability affecting Flash Player. An attacker could exploit this vulnerability to take control of an affected system. Administrators are encouraged to review Adobe Security Bulletin APSB20-58 and apply the necessary update. For further information and support, please visit the following link:Adobe Security Update release

TTCSIRT-366.10.14.20: TT-CSIRT ADVISORY – Apache Tomcat Security Updates

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to obtain sensitive information.  Administrators are encouraged to review Apache Security Advisory for CVE-2020-13943 and upgrade to the appropriate version. For further information and support, please visit the following link:Apache Security updates

TTCSIRT-365.10.14.20: TT-CSIRT ADVISORY – Microsoft Releases October 2020 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Administrators are encouraged to review and apply the necessary updates. Please review Security Update Summary for further information on software to be updated.

TTCSIRT-364.10.02.20: TT-CSIRT ADVISORY – Remote Access Trojan: SLOTHFULMEDIA

The malware variant, known as SlothfulMedia, has been used by a sophisticated cyber actor. CISA and CNMF are distributing this MAR to enable network defense and reduced exposure to malicious activity. This MAR includes suggested response actions and recommended mitigation techniques. The sample is a dropper, which deploys two files when executed. The first is …

TTCSIRT-363.09.25.20: TT-CSIRT ADVISORY – LokiBot Malware

There has been a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020. Throughout this period, CISA’s EINSTEIN Intrusion Detection System has detected persistent malicious LokiBot activity. LokiBot uses a credential- and information-stealing malware, often sent as a malicious attachment and known for being simple, yet effective, making it …

TTCSIRT-362.09.25.20: TT-CSIRT ADVISORY – Cisco Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Administrators are encouraged to review and apply the necessary updates.For further information and support, please visit the Cisco security page .

TTCSIRT-361.09.25.20: TT-CSIRT ADVISORY – Apple Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators need to review the Apple security pages for the following products and apply the necessary updates: iCloud for Windows 11.4 macOS Catalina 10.15.7, Security Update 2020-005 High …

TTCSIRT-360.09.15.20: TT-CSIRT ADVISORY – Iran-Based Threat Actor Exploits VPN Vulnerabilities

An analysis of threat actor’s indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) indicates a correlation with the group known by the names, Pioneer Kitten and UNC757. This Iran-based threat actor has been observed exploiting several publicly known Common Vulnerabilities and Exposures (CVEs) dealing with Pulse Secure virtual private network (VPN), Citrix NetScaler, …