Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-390.03.03.21:TTCSIRT ADVISORY – Critical Microsoft Exchange Server Security Updates

Updated for March 12, 2021 Microsoft has released out-of-band security updates to address multiple vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The United States Cyber and Infrastructure Security Agency (CISA) reports that successful exploitation of these vulnerabilities allows an attacker to execute arbitrary code on vulnerable Exchange Servers, enabling the attacker to gain …

Increase in ransomware attacks targeting public and private entities in Trinidad and Tobago

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) has observed a significant increase in ransomware attacks targeting local organizations. Ransomware is a type of malware that prevents users from accessing their system or files and demands a ransom payment in order to regain access. Threat actors have also threaten to publish or sell …

TTCSIRT-396.07.01.21 TTCSIRT ADVISORY- CRITICAL WINDOWS PRINT SPOOLER VULNERABILITY

Updated – July 7, 2021 Microsoft has released out-of-band security updates to address the remote code execution (RCE) vulnerability (CVE-2021-34527) in the Windows Print spooler service. Please review the following update guide from Microsoft and apply the necessary security patches immediately: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 Updated – 6 July, 2021 Please review Microsoft’s updated guidance for the Print …

TTCSIRT-THREAT ALERT: WhatsApp Account Takeover Attack

WhatsApp Account Takeover Attack Advice The TTCSIRT urges the public to continue reporting these cyber-crime incidents to TTPS Cyber-Crime Unit via their website, https://www.ttps.gov.tt/Report-A-Crime, email  cybercrime@ttps.gov.tt or call 612-0742, 715-2072. About stolen WhatsApp accounts You should never share your WhatsApp SMS verification code with others, not even friends or family. If you’re tricked into sharing …

TTCSIRT-THREAT ALERT: Social Engineering Tactics Targeting Trinidad and Tobago Citizens

Over the past couple weeks, numerous reports have been made by citizens of Trinidad and Tobago regarding cyber-crime incidents which include: • Phishing – Phishing involves sending emails, texts or making calls to persons aimed at creating a sense of urgency, curiosity or fear in victims which results in them revealing sensitive information (address, credentials, …

TTCSIRT-395.05.14.21 TTCSIRT ADVISORY- MICROSOFT MSRC MAY 2021 SECURITY UPDATES

This release consists of security updates for the following products, features and roles. .NET Core & Visual Studio HTTP.sys Internet Explorer Microsoft Accessibility Insights for Web Microsoft Bluetooth Driver Microsoft Dynamics Finance & Operations Microsoft Edge (Chromium-based) Microsoft Exchange Server Microsoft Graphics Component Microsoft Office Microsoft Office Access Microsoft Office Excel Microsoft Office SharePoint Microsoft …

TTCSIRT-394.05.14.21 TTCSIRT ADVISORY- WORDPRESS 5.7.2 SECURITY RELEASE

WordPress 5.7.2 is now available. This security release features one security fix. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.7.2 is a short-cycle security release. The next major release will be version 5.8. You can update to …

TTCSIRT-393.04.27.21 TTCSIRT ADVISORY- NSA-CISA-FBI JOINT ADVISORY ON RUSSIAN SVR TARGETING U.S. AND ALLIED NETWORKS

The Cybersecurity & Infrastructure Security Agency (CISA), National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) of the United States have released a Joint Cybersecurity Advisory (CSA) on Russian Foreign Intelligence Service (SVR) actors scanning for and exploiting vulnerabilities to compromise U.S. and allied networks, including national security and government-related systems. Specifically, SVR actors are …

TTCSIRT-392.04.15.21 TTCSIRT ADVISORY- APPLY MICROSOFT APRIL 2021 SECURITY UPDATE TO MITIGATE NEWLY DISCLOSED MICROSOFT EXCHANGE VULNERABILITIES

Microsoft’s April 2021 Security Update mitigates significant vulnerabilities affecting on-premises Exchange Server 2013, 2016, and 2019. An attacker could exploit these vulnerabilities to gain access and maintain persistence on the target host. The Cybersecurity & Infrastructure Security Agency (CISA) strongly urges organizations to apply Microsoft’s April 2021 Security Update to mitigate against these newly disclosed vulnerabilities. …

TTCSIRT- 391.03.17.21: TTCSIRT ADVISORY- MICROSOFT RELEASES EXCHANGE ON-PREMISES MITIGATION TOOL

Microsoft has released the Exchange On-premises Mitigation Tool (EOMT.ps1) that can automate portions of both the detection and patching process. Microsoft stated the following along with the release: “[the tool is intended] to help customers who do not have dedicated security or IT teams to apply these security updates. The United States of America’s Cybersecurity and Infrastructure …

TTCSIRT-389.02.04.21: TTCSIRT ADVISORY- SMA 100 SERIES 10.X FIRMWARE ZERO-DAY VULNERABILITY

Please be advised that SonicWall is announcing the availability of an SMA 100 series firmware 10.2.0.5-29sv update to patch a zero-day vulnerability on SMA 100 series 10.x code. All SMA 100 series users must apply this patch IMMEDIATELY to avoid potential exploitation. Affected SMA 100 Devices with 10.x Firmware that Require the Critical Patch: Physical Appliances: SMA 200, SMA 210, SMA 400, SMA …