The Trinidad and Tobago Cyber Security Response Team has observed an increase in the usage of AnyDesk for unauthorized/malicious remote connections, especially in ransomware incidents. We advise our constituents to exercise caution when using this software and be aware of its use within your organization as it could potentially lead to unauthorized access, data breaches, …
VoIP/IP PBX solutions provider 3CX has released a security advisory concerning the compromise of their desktop app for both Windows and MacOS in a supply chain attack. 3CX recommends that users migrate to the PWA app in the interim until the desktop apps are fixed. The PWA app is web-based and is unaffected by the …
The U.S. Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint cyber security advisory on Royal Ransomware to provide network defenders with the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. Several local organizations have been affected by Royal ransomware …
The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is a cutting-edge unit under the Ministry of National Security dedicated to securing and defending the nation’s digital infrastructure from cyber threats. The new logo is intended to highlight the team’s key cybersecurity competencies as well as its unrivaled capacity for securing and defending the …
As we move into the back to back Christmas and New Year holiday weekends the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all entities to take the necessary precautions to mitigate against rising ransomware attacks. This warning comes as there have been two major ransomware attacks on the financial sector within the …
Citrix has released security updates to address a critical vulnerability in their Citrix ADC or Citrix Gateway products. The vulnerability in question is being tracked as CVE-2022-27518 and is a RCE vulnerability impacting Citrix ADC or Citrix Gateway when configured as a Security Assertion Markup Language (SAML) service provider (SP) or a SAML identity provider …
Fortinet has released a security update to address a critical zero day vulnerability in their FortiOS SSL-VPN product. The vulnerability in question is being tracked as CVE-2022-42475 and is a heap-based buffer overflow in several versions of ForiOS that received a CVSSv3 score of 9.3. A remote, unauthenticated attacker could exploit this vulnerability with a …
Attacks against local entities have been on the rise over the last 3 years and the TT-CSIRT has issued several advisories, alerts and guidance noting this uptick during that time. The necessary increase in digital transformation initiatives being pursued by both the public and private sector also inadvertently increases our viability as a target for …
Emotet is back again with a new campaign displaying many characteristics of older campaigns. Cisco Talos has observed an increased activity of spam distributing this new strain beginning in early November 2022, and the volume of spam and Emotet infrastructure has been increasing since then to target multiple geographies around the world. Emotet is a …
Microsoft has released updates to address multiple vulnerabilities in Microsoft software including: TT-CSIRT encourages users and administrators to review the following releases from Microsoft and apply the necessary updates: