Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-022.071717: TT-CSIRT Advisory – CISCO Security Updates

The Simple Network Management Protocol subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via …

TTCSIRT-021.071717: TT-CSIRT Advisory – Juniper Security Updates

A security researcher testing a Juniper NetScreen Firewall + VPN found multiple stored cross-site scripting vulnerabilities that could be used to elevate privileges through the NetScreen WebUI. A user with the ‘security’ role can inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute …

TTCSIRT-020.071717: TT-CSIRT Advisory – Samba Security Updates

The Samba Team has reported a critical vulnerability in all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos. A Man-In-The-Middle Attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. A patch addressing this defect has been posted to https://www.samba.org/samba/security/ while Samba …

TTCSIRT-019.070617: TT-CSIRT Advisory – CISCO Security Updates

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates: a) Elastic Services Controller Unauthorized Access Vulnerability – cisco-sa-20170705-esc2 b) Ultra Services Framework …

TTCSIRT-018.070617: TT-CSIRT Advisory – Joomla Security Updates

Joomla has released version 3.7.3 of its Content Management System software to address several vulnerabilities: a) Core – Information Disclosure affecting Joomla 1.7.3-3.7.2 b) Core – XSS Vulnerability affecting Joomla 1.7.3-3.7.2 c) Core – XSS Vulnerability affecting Joomla 1.5.0-3.6.5 Further information on these vulnerability updates and fixes can be found on the Joomla Website at …

TTCSIRT-017.062717: TT-CSIRT Advisory – Petya Ransomware

Date First published: 27/6/2017 1.0 Introduction Discovered: June 27, 2017 Updated: June 27, 2017 12:30pm Type: Ransomware Infection Length: Varies Systems Affected: Client Computers, Servers, Websites This is an alert from TTCSIRT that there are early signs of a new ransomware outbreak currently affecting a large number of countries across the globe such as the …