The TTCSIRT wishes to inform you of a recently identified vulnerability in SonicWall SonicOS. This improper access control issue affects SonicWall SonicOS management access and SSLVPN, potentially allowing unauthorized access to resources and, under certain conditions, causing the firewall to crash. The vulnerability impacts SonicWall Gen 5 and Gen 6 devices, as well as Gen …
The TTCSIRT has received reports from multiple Ministries, Divisions and Agencies of the occurrence of the following phishing campaign. Phishing emails are being received from the “virginmedia[.]com” domain and are impersonating the head of the respective MDA. The phishing email is targeting both personal and corporate email accounts. The emails try to coerce the victim into …
A large-scale outage has occurred due to a broken CrowdStrike cybersecurity update, rendering Windows computers unable to start and affecting much of the world’s infrastructure. The problem stems from an issue with CrowdStrike’s Falcon Sensors, which encountered problems following an early Friday morning update. PLEASE BE ADVISED: Only accept information from the CrowdStrike support …
Please be advised that Citrix has released several important security updates to address vulnerabilities in multiple Citrix products. TTCSIRT encourages administrators to review the following and apply necessary updates: NetScaler ADC and NetScaler Gateway Security Update for CVE-2024-5491 and CVE-2024-5492 NetScaler Console, Agent and SVM Security Update for CVE-2024-6235 and CVE-2024-6236 Citrix Workspace app for HTML5 …
Remote-access VPN systems allow off-site users to tunnel into protected networks, making these entry points vulnerable to exploitation by threat actors. From the Trinidad and Tobago perspective, the exploitation of outdated remote-access VPN systems is one of the most successful attack vectors executed against local organizations. This email serves as a critical reminder about the …
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. The severity of the vulnerability is critical and it carries a CVSS4.0 score of 10. Fixes for PAN-OS …
Microsoft has released security updates to address vulnerabilities in multiple products; the most severe of which could allow for remote code execution. Additionally, two (2) zero day vulnerabilities related to Microsoft products have been identified that are CVE-2024-21351 – Windows SmartScreen Security Feature Bypass Vulnerability and CVE-2024-21412 – Internet Shortcut Files Security Feature Bypass Vulnerability.Affected …
Fortinet has released security updates to address two (2) critical vulnerabilities in FortiOS. TT-CSIRT encourages administrators to review the following releases and take the necessary actions immediately: CVE-2024-21762 – https://www.fortiguard.com/psirt/FG-IR-24-015 CVE-2024-23113 – https://www.fortiguard.com/psirt/FG-IR-24-029 Fortinet has noted that CVE-2024-21762 is potentially being exploited in the wild. If you have any queries, comments or require assistance, please …
Severity: Critical Overview: SonicWall Firewalls CVE-2022-22274 and CVE-2023-0656 have CVSS score of 9.4 and 7.5 respectively. A proof-of-concept has been published therefore the vulnerabilities are more susceptible to exploitation. Affected Systems: Various SonicWall devices, including TZ series, NSa models, NSsp series, and NSv models, are susceptible to the mentioned vulnerabilities. Description: Over 178,000 SonicWall firewalls …
It is with great sadness that we announce the passing of Mr. Angus Smith, a remarkable individual and the dedicated leader of the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT). Angus was not just a colleague but a beacon of strength, compassion, and expertise in the cybersecurity community. Angus exemplified unwavering commitment, …