Government of the Republic of Trinidad and Tobago                                                                                                                                        


Security Advisories

TTCSIRT-245.111319: TT-CSIRT ADVISORY – VMWARE SECURITY UPDATES

Please be advised that VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the following releases from VMware and apply the necessary solutions: VMSA-2019-0020 – VMware ESXi, Workstation, and […]

Read More


TTCSIRT-246.111319: TT-CSIRT ADVISORY – INTEL SECURITY UPDATES

Intel has released security updates to address 68 vulnerabilities across multiple products. TTCSIRT encourages users and administrators to review the following releases from Intel and apply the necessary security updates: INTEL-SA-00313 – BMC – https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html INTEL-SA-00280 – UEFI – https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html INTEL-SA-00220 – SGX and TXT – https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00220.html INTEL-SA-00240 – Processor Security – https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00240.html INTEL-SA-00241 – […]

Read More


TTCSIRT-244.110719: TT-CSIRT ADVISORY – PATCH TUESDAY

Today Microsoft’s Patch Tuesday! Microsoft has released their monthly security updates for all supported Windows systems. TTCSIRT encourages users and administrators to update their systems. Visit the following link or more details on the vulnerabilities and issues addressed in this month’s Patch Tuesday: https://portal.msrc.microsoft.com/en-us/security-guidance   As a reminder, there are now 69 days until 20/1/20, […]

Read More


TTCSIRT-242.110719: TT-CSIRT ADVISORY – RANSOMWARE RESPONSE PLAN

In light of the ongoing Emotet malware campaign and the reports of threat actors exploiting the BlueKeep vulnerability, TTCSIRT has developed the following response plan in the event your organization becomes infected with ransomware: Isolate the infected computer(s) immediately – Infected systems should be removed from the network as soon as possible to prevent the […]

Read More


TTCSIRT-243.110719: TT-CSIRT ADVISORY – CISCO SECURITY UPDATES

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review the following releases from Cisco and apply the necessary solutions. Issues addressed include the following high level vulnerabilities: CVE-2019-15958 – […]

Read More


TTCSIRT-241.110419: TT-CSIRT ADVISORY – BLUEKEEP ACTIVE EXPLOITATION

There are confirmed reports that the BlueKeep RDP flaw in Windows based systems is now being actively exploited in the wild. BlueKeep (CVE-2019-0708) is a security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol implementation, which allows for the possibility of remote code execution. BlueKeep has the potential to cause significant damage like the […]

Read More


TTCSIRT-240.110119: TT-CSIRT ADVISORY – CHROME SECURITY UPDATES

Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) is a zero day as it was detected in exploits in the wild. TTCSIRT encourages users and administrators to review the following release […]

Read More


TTCSIRT-239.102519: TT-CSIRT ADVISORY – EMOTET MALWARE CAMPAIGN

The Australian Cyber Security Centre (ACSC) has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan—commonly spread via malicious email attachments—that attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. ACSC provides indicators of compromise (IOCs) and recommendations to help organizations defend against […]

Read More


TTCSIRT-238.101819: TT-CSIRT ADVISORY – BIND SECURITY UPDATES

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). BIND is the most common implementation of the DNS protocol on the Internet. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information or cause a denial of service. TTCSIRT […]

Read More


TTCSIRT-237.101619: TT-CSIRT ADVISORY – WORDPRESS SECURITY UPDATES

WordPress version 5.2.4 has been released. WordPress 5.2.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. TTCSIRT encourages users and administrators to review the following publications from WordPress and update your website forthwith: New Release Blog Post: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/ How to […]

Read More