The U.S. Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint cyber security advisory on Royal Ransomware to provide network defenders with the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. Several local organizations have been affected by Royal ransomware …
The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is a cutting-edge unit under the Ministry of National Security dedicated to securing and defending the nation’s digital infrastructure from cyber threats. The new logo is intended to highlight the team’s key cybersecurity competencies as well as its unrivaled capacity for securing and defending the …
As we move into the back to back Christmas and New Year holiday weekends the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all entities to take the necessary precautions to mitigate against rising ransomware attacks. This warning comes as there have been two major ransomware attacks on the financial sector within the …
Citrix has released security updates to address a critical vulnerability in their Citrix ADC or Citrix Gateway products. The vulnerability in question is being tracked as CVE-2022-27518 and is a RCE vulnerability impacting Citrix ADC or Citrix Gateway when configured as a Security Assertion Markup Language (SAML) service provider (SP) or a SAML identity provider …
Fortinet has released a security update to address a critical zero day vulnerability in their FortiOS SSL-VPN product. The vulnerability in question is being tracked as CVE-2022-42475 and is a heap-based buffer overflow in several versions of ForiOS that received a CVSSv3 score of 9.3. A remote, unauthenticated attacker could exploit this vulnerability with a …
Attacks against local entities have been on the rise over the last 3 years and the TT-CSIRT has issued several advisories, alerts and guidance noting this uptick during that time. The necessary increase in digital transformation initiatives being pursued by both the public and private sector also inadvertently increases our viability as a target for …
Emotet is back again with a new campaign displaying many characteristics of older campaigns. Cisco Talos has observed an increased activity of spam distributing this new strain beginning in early November 2022, and the volume of spam and Emotet infrastructure has been increasing since then to target multiple geographies around the world. Emotet is a …
Microsoft has released updates to address multiple vulnerabilities in Microsoft software including: TT-CSIRT encourages users and administrators to review the following releases from Microsoft and apply the necessary updates:
The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is aware of a phishing email originating from the Ministry of Foreign and CARICOM Affairs’ domain “foreign.gov.tt”. In this respect we are advising all persons not to open any emails received from the Ministry of Foreign and CARICOM Affairs with the following details: Subject: “Re: …
Identity theft is a method used to carry out criminal activity, involving unauthorized use of your name and personal details to either steal from you, or commit a crime in your name. Identity theft can be carried out either online, physically using printed documents, or by a combination of the two. Identity theft today usually …