Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-322.07.08.20: TT-CSIRT ADVISORY- PALOALTO OS COMMAND INJECTION VULNERABILITY

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue This issue cannot be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier …

TTCSIRT-321.07.08.20: TT-CSIRT ADVISORY- CITRIX MULTIPLE VULNERABILITIES

Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including: Attacks that are limited to the management interface System compromise by an unauthenticated user on the management network. System compromise through Cross …

TTCSIRT-320.07.06.20: TT-CSIRT ADVISORY- F5 BIG-IP VULNERABILITY

The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the BIG-IP management port and/or Self IPs, to execute arbitrary system commands, create or delete files, disable …

TTCSIRT-319.06.30.20: TT-CSIRT ADVISORY – PAN-OS AUTHENTICATION BYPASS IN SAML AUTHENTICATION

Paloalto reported a very critical (Severity 10) authentication vulnerability release which affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. The Trinidad and Tobago Cyber Security Incident Response …

TTCSIRT-318.06.24.20: TT-CSIRT ADVISORY – VMWARE ESXI, WORKSTATION AND FUSION VULNERABILITIES

Multiple vulnerabilities exist in VMware ESXi, Workstation and Fusion. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. There are however, workarounds, patches and updates available to remediate these vulnerabilities. The Trinidad and …

TTCSIRT-317.051520: TT-CSIRT ADVISORY – CISCO RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. For further reference please …

TTCSIRT-316.051520: TT-CSIRT ADVISORY –MICROSOFT RELEASES MAY 2020 SECURITY UPDATES

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review Microsoft’s May 2020 Security Update Summary and Deployment Information and apply the necessary updates. For further …

DoppelPaymer Ransomware

TT-CSIRT has observed an uptick in local instances of the DoppelPaymer ransomware. According to Threatpost, DoppelPaymer is an emerging type of ransomware that not only locks companies out of their own computer systems by encrypting files—the hallmark of typical ransomware—but also can exfiltrate company data and use it as collateral. The threat actors have also …

Password Best Practices

A lot of our modern life takes place online and most of our personal information is locked away behind passwords. But is your password secure? Here is a list of password best practices to help secure your online presence. Use a Passphrase The days of crazy and complex passwords are over. Those passwords are hard …

TTCSIRT-315.050420: TT-CSIRT ADVISORY – MICROSOFT RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS

Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A remote attacker can exploit these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review Microsoft Advisory ADV200004 and apply …