Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

IN MEMORY OF ANGUS SMITH

  It is with great sadness that we announce the passing of Mr. Angus Smith, a remarkable individual and the dedicated leader of the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT). Angus was not just a colleague but a beacon of strength, compassion, and expertise in the cybersecurity community. Angus exemplified unwavering commitment, …

Webinar: Trinidad and Tobago Cyber Threat Landscape Update 2023

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) of the Ministry of National Security will be hosting a webinar entitled “Trinidad and Tobago Cyber Threat Landscape Update 2023” during cyber security awareness month. TT-CSIRT will provide updates on cyber threats impacting local organizations from the national perspective. The capabilities and capacity of the …

Our New Identity

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is a cutting-edge unit under the Ministry of National Security dedicated to securing and defending the nation’s digital infrastructure from cyber threats. The new logo is intended to highlight the team’s key cybersecurity competencies as well as its unrivaled capacity for securing and defending the …

Do the basics well

Attacks against local entities have been on the rise over the last 3 years and the TT-CSIRT has issued several advisories, alerts and guidance noting this uptick during that time. The necessary increase in digital transformation initiatives being pursued by both the public and private sector also inadvertently increases our viability as a target for …

Password Best Practices

A lot of our modern life takes place online and most of our personal information is locked away behind passwords. But is your password secure? Here is a list of password best practices to help secure your online presence. Use a Passphrase The days of crazy and complex passwords are over. Those passwords are hard …

Parts Of Wikipedia Offline After ‘Malicious’ Attack

Popular online reference website Wikipedia went down in several countries after the website was targeted by what it described as a “malicious attack”. The server of the Wikimedia Foundation, which hosts the site, suffered a “massive” Distributed Denial of Service (DDoS) attack, the organization’s German account said in a tweet late Friday. In a separate …

Cisco Releases GhIDA And Ghidraaas Tools For IDA Pro

Cisco Talos has released two new open source tools for IDA Pro, namely GhIDA, an IDA Pro plugin, and Ghidraaas (Ghidra as a Service), a docker container. The GhIDA plugin integrates the National Security Agency (NSA)’s open-source Ghidra decompiler in the IDA workflow, aiming to provide users with improved navigation and comments, and allowing them …

BlueKeep Exploit Added to Metasploit

An initial public exploit targeting the recently addressed BlueKeep vulnerability in Microsoft Windows has been added to Rapid7’s Metasploit framework. Tracked as CVE-2019-0708, the targeted vulnerability was addressed by Microsoft with its May 2019 Patch Tuesday updates. Within weeks, security researchers observed the first scans for the flaw, and it didn’t take long for attacks …

Cloud Providers Improving Security, But Users Need to Up Their Game

A new report from the Cloud Security Alliance (CSA) on the top threats to cloud computing suggests that service providers are improving their security. Many of today’s threats now stem from organizational management decisions and implementation/configuration weaknesses. The report suggests that “traditional security issues under the responsibility of the CSP seem to be less of …

JIRA Misconfiguration Leaks Data of Fortune 500 Companies

A misconfiguration in the popular JIRA project management software exposed a great deal of data on hundreds of companies, security researcher Avinash Jain reveals. JIRA is used by over 135,000 companies and organization globally, including hundreds of Fortune 500 companies. Some of the organizations impacted include NASA, Google, Yahoo, Go-Jek, HipChat, Zendesk, Sapient, Dubsmash, Western …