Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

Parts Of Wikipedia Offline After ‘Malicious’ Attack

by ttcsirtadmin | 9th September 2019

Popular online reference website Wikipedia went down in several countries after the website was targeted by what it described as a “malicious attack”. The server of the Wikimedia Foundation, which hosts the site, suffered a “massive” Distributed Denial of Service (DDoS) attack, the organization’s German account said in a tweet late Friday. In a separate […]

Read More

Cisco Releases GhIDA And Ghidraaas Tools For IDA Pro

by ttcsirtadmin | 9th September 2019

Cisco Talos has released two new open source tools for IDA Pro, namely GhIDA, an IDA Pro plugin, and Ghidraaas (Ghidra as a Service), a docker container. The GhIDA plugin integrates the National Security Agency (NSA)’s open-source Ghidra decompiler in the IDA workflow, aiming to provide users with improved navigation and comments, and allowing them […]

Read More

BlueKeep Exploit Added to Metasploit

by ttcsirtadmin | 9th September 2019

An initial public exploit targeting the recently addressed BlueKeep vulnerability in Microsoft Windows has been added to Rapid7’s Metasploit framework. Tracked as CVE-2019-0708, the targeted vulnerability was addressed by Microsoft with its May 2019 Patch Tuesday updates. Within weeks, security researchers observed the first scans for the flaw, and it didn’t take long for attacks […]

Read More

Cloud Providers Improving Security, But Users Need to Up Their Game

by ttcsirtadmin | 6th August 2019

A new report from the Cloud Security Alliance (CSA) on the top threats to cloud computing suggests that service providers are improving their security. Many of today’s threats now stem from organizational management decisions and implementation/configuration weaknesses. The report suggests that “traditional security issues under the responsibility of the CSP seem to be less of […]

Read More

JIRA Misconfiguration Leaks Data of Fortune 500 Companies

by ttcsirtadmin | 6th August 2019

A misconfiguration in the popular JIRA project management software exposed a great deal of data on hundreds of companies, security researcher Avinash Jain reveals. JIRA is used by over 135,000 companies and organization globally, including hundreds of Fortune 500 companies. Some of the organizations impacted include NASA, Google, Yahoo, Go-Jek, HipChat, Zendesk, Sapient, Dubsmash, Western […]

Read More

Industrial Giants Respond to ‘Urgent/11’ Vulnerabilities

by ttcsirtadmin | 6th August 2019

Several major industrial and automation solutions providers have issued advisories in response to the recently disclosed Wind River VxWorks vulnerabilities dubbed Urgent/11. In late July, IoT security firm Armis disclosed eleven vulnerabilities found by its researchers in the VxWorks real time operating system (RTOS). The flaws, six of which have been described as critical, can […]

Read More

Two Windows Privilege Escalation Vulnerabilities Exploited in Attacks

by ttcsirtadmin | 9th July 2019

Microsoft’s July 2019 Patch Tuesday updates fix nearly 80 vulnerabilities, including two Windows zero-day flaws and six issues whose details were previously made public. One of the zero-day vulnerabilities is CVE-2019-0880, which Microsoft describes as a local privilege escalation issue related to how the splwow64.exe component in Windows handles certain calls. Splwow64.exe is designed to […]

Read More

Vulnerability Gives Attackers Remote Access to Zoom Users’ Cameras

by ttcsirtadmin | 9th July 2019

A vulnerability in the Zoom Client for Mac allows a remote attacker to force a user into joining a video call with the video camera active, a security researcher has discovered. Zoom offers “enterprise video conferencing with real-time messaging and content sharing,” allowing users to join meetings from both desktop and mobile devices, for improved […]

Read More

Adobe Fixes Low Priority Flaws

by ttcsirtadmin | 9th July 2019

Adobe’s Patch Tuesday updates for July 2019 address vulnerabilities in the company’s Bridge CC, Experience Manager and Dreamweaver products, but none of the security holes appear serious. The latest update for Bridge CC on Windows and macOS resolves an out-of-bounds memory read issue that can result in information disclosure in the context of the targeted […]

Read More

New Malware Lays P2P Network on Top of IPFS

by ttcsirtadmin | 13th June 2019

A newly discovered piece of malware uses a peer-to-peer (p2p) network on top of InterPlanetary File System’s (IPFS) p2p network, Anomali’s security researchers report. Discovered in May 2019 and dubbed IPStorm, the malware is written in the Go (Golang) programming language and targets Windows machines. Once it has infected a system, the malicious program allows […]

Read More

Page 1 of 101234510...Last »