Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-317.051520: TT-CSIRT ADVISORY – CISCO RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. For further reference please …

TTCSIRT-316.051520: TT-CSIRT ADVISORY –MICROSOFT RELEASES MAY 2020 SECURITY UPDATES

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review Microsoft’s May 2020 Security Update Summary and Deployment Information and apply the necessary updates. For further …

DoppelPaymer Ransomware

TT-CSIRT has observed an uptick in local instances of the DoppelPaymer ransomware. According to Threatpost, DoppelPaymer is an emerging type of ransomware that not only locks companies out of their own computer systems by encrypting files—the hallmark of typical ransomware—but also can exfiltrate company data and use it as collateral. The threat actors have also …

Password Best Practices

A lot of our modern life takes place online and most of our personal information is locked away behind passwords. But is your password secure? Here is a list of password best practices to help secure your online presence. Use a Passphrase The days of crazy and complex passwords are over. Those passwords are hard …

TTCSIRT-315.050420: TT-CSIRT ADVISORY – MICROSOFT RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS

Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A remote attacker can exploit these vulnerabilities to take control of an affected system. TTCSIRT encourages users and administrators to review Microsoft Advisory ADV200004 and apply …

TTCSIRT-314.050420: TT-CSIRT ADVISORY – JUNIPER RELEASES SECURITY UPDATES FOR JUNOS OS

Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected system. TTCSIRT encourages users and administrators to review Juniper Security Advisory JSA 11021 and apply the necessary updates: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11021

TTCSIRT-313.050420: TT-CSIRT ADVISORY – SUSE SECURITY UPDATE FOR APACHE2

Suse has released security update for Apache2 to address three vulnerabilities such as CVE-2020-1927, CVE-2020-1934 and CVE-2020-1938. This update fixes the following issues: CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect (bsc#1168407). CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404). CVE-2020-1938: mod_proxy_ajp: Add “secret” parameter to proxy workers to implement …

TTCSIRT-312.050420: TT-CSIRT ADVISORY – VMWARE ESXI STORED CROSS-SITE SCRIPTING (XSS) VULNERABILITY

A Stored Cross-Site Scripting (XSS) vulnerability in VMware ESXi was privately reported to VMware. Patches are available to address this vulnerability in affected VMware products. VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3955). The VMware ESXi Host Client does not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the …

TTCSIRT-311.050420: TT-CSIRT ADVISORY – AUTHENTICATION BYPASS IN FORTIMAIL AND FORTIVOICE ENTERPRISE

An improper authentication vulnerability in FortiMail and FortiVoiceEntreprise may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface. As a result, this can lead to Improper Access Control. Products Affected: FortiMail versions 5.4.10 and below.FortiMail versions 6.0.7 and below.FortiMail versions 6.2.2 and …

IC3 RELEASES ALERT ON EXTORTION EMAIL SCAMS

The Internet Crime Complaint Center (IC3) has released an alert warning of a recent increase in extortion email scams during the current “stay-at-home” orders due to the COVID-19 crisis. Cyber criminals threaten to release sexually explicit photos or videos of victims unless they agree to send payment. TTCSIRT encourages everyone to review the IC3 Alert …