Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

Increase in ransomware attacks targeting public and private entities in Trinidad and Tobago

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) has observed a significant increase in ransomware attacks targeting local organizations. Ransomware is a type of malware that prevents users from accessing their system or files and demands a ransom payment in order to regain access. Threat actors have also threaten to publish or sell …

TTCSIRT-382.12.03.20: TT-CSIRT ADVISORY – Mozilla Releases Security Update for Thunderbird

Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. It is encouraged that users and administrators to review the Mozilla Security Advisory for and apply the necessary update. Please visit the link below:Thunderbird 78.5.1

TTCSIRT-381.12.03.20: TT-CSIRT ADVISORY – Xerox Releases Security Updates for DocuShare

Xerox has released security updates for DocuShare 6.6.1, 7.0, and 7.5 to address a vulnerability that could allow an unauthenticated attacker to obtain sensitive information. It is urged that users and administrators review Xerox and apply the necessary updates. Please visit the link below:Mini Bulletin XRX20W

TTCSIRT-380.12.03.20: TT-CSIRT ADVISORY – Apple Releases Security Updates for iCloud for Windows

Apple has released security updates to address vulnerabilities in iCloud for Windows. An attacker could exploit some of these vulnerabilities to take control of an affected system. It is encouraged that users and administrators review the Apple security page for and apply the necessary updates. Please visit the link provided below:iCloud for Windows 11.5

TTCSIRT-379.11.25.20: TT-CSIRT ADVISORY – VMware Releases Workarounds for CVE-2020-4006

VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. It is encouraged, users and administrators review VMware Security Advisory and apply the necessary workarounds. For further information, please visit the link below:VMSA-2020-0027

TTCSIRT-378.11.17.20: TT-CSIRT ADVISORY – Cisco Releases Security Updates for Security Manager

Cisco has released security updates to address vulnerabilities in Cisco Security Manager. A remote attacker could exploit these vulnerabilities to obtain sensitive information. It is encouraged that users and administrators, review the following Cisco Security Advisories and apply the necessary updates. Cisco Security Manager Path Traversal Vulnerability cisco-sa-csm-path-trav-NgeRnqgR Cisco Security Manager Static Credential Vulnerability cisco-sa-csm-rce-8gjUz

TTCSIRT-377.11.16.20: TT-CSIRT ADVISORY – Cisco Releases Security Update for IOS XR Software

Cisco has released a security update to address a vulnerability in IOS XR Software for ASR 9000 Series Aggregation Services Routers. An unauthenticated, remote attacker could exploit this vulnerability to cause a denial-of-service condition. It is encouraged that users and administrators, review and apply the necessary update. Fur further information and support, please visit the link below:Cisco security …

TTCSIRT-376.11.16.20: TT-CSIRT ADVISORY – Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. It is encouraged that users and administrators, review the Adobe security advisories and apply the necessary updates. For advisory information and updates, please visit the links below:Adobe ConnectAdobe Reader for …

TTCSIRT-375.11.16.20: TT-CSIRT ADVISORY – Google Releases Security Updates for Chrome

Google has released Chrome version 86.0.4240.198 for Windows, Mac, and Linux. This version addresses CVE-2020-16013 and CVE-2020-16017. An attacker could exploit one of these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. It is encouraged that users and administrators, review the following resources and apply the necessary …

TTCSIRT-374.11.16.20: TT-CSIRT ADVISORY – Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Some of these vulnerabilities have been detected in exploits in the wild. It is encouraged that users and administrators, review the Apple security pages and apply the necessary updates. For further …

TTCSIRT-THREAT ALERT: Ransomware Activity Targeting the Healthcare and Public Health Sector

Please be advised, there is an observed significant increase in ransomware attacks targeting Healthcare and the Health Sector in neighboring countries. Ransomware is a type of malware that prevents users from accessing their system or files and demands a ransom payment in order to regain access. Threat actors have also threaten to publish or sell …