Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TT-CSIRT-422.18.10.23: Cisco Security Vulnerability

Cisco has released a security advisory concerning a critical Privilege Escalation Vulnerability in their IOS XE software. Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software (CVE-2023-20198) when exposed to the internet or untrusted networks. This affects both physical and virtual …

Webinar: Trinidad and Tobago Cyber Threat Landscape Update 2023

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) of the Ministry of National Security will be hosting a webinar entitled “Trinidad and Tobago Cyber Threat Landscape Update 2023” during cyber security awareness month. TT-CSIRT will provide updates on cyber threats impacting local organizations from the national perspective. The capabilities and capacity of the …

TT-CSIRT-421.13.7.23: Fortinet Security Vulnerability

Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. TT-CSIRT encourages administrators to review the following release from Fortinet and take the necessary actions immediately: https://www.fortiguard.com/psirt/FG-IR-23-183

TT-CSIRT-420.11.7.23: Microsoft Windows and Office Zero Day Vulnerability

Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the …

TT-CSIRT-419.7.7.23: Ransomware Prevention and Response

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all organizations to take the necessary precautions to mitigate against rising ransomware attacks in Trinidad and Tobago. The following resources detail the necessary actions that must be taken to harden your organization: Ransomware Prevention Guide: https://ttcsirt.gov.tt/ransomware-prevention/ Ransomware Response Checklist: https://ttcsirt.gov.tt/ransomware-response-checklist/ Incident Reporting Should your organization fall …

TT-CSIRT-418.12.6.23: Fortinet Fortigate SSL-VPN Vulnerability

A critical Remote Code Execution vulnerability (CVE-2023-27997) has been identified in multiple versions of Fortinet Fortigate devices when SSL-VPN is enabled. Exploitation of this critical vulnerability could allow a malicious actor to gain remote code execution rights on the affected system, and perform unauthorized actions. TT-CSIRT encourages administrators to review the following release from the …

TT-CSIRT-417.9.6.23: Barracuda Email Security Gateway Appliance (ESG) Vulnerability

Barracuda has release new guidance in relation to a zero-day vulnerability discovered in their Email Security Gateway Appliance (ESG). Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG. Impacted ESG appliances must be immediately replaced regardless of patch version level. TT-CSIRT encourages administrators to review the following release and take the …

TT-CSIRT-416.9.5.23: Beware of AnyDesk for Remote Connection

The Trinidad and Tobago Cyber Security Response Team has observed an increase in the usage of AnyDesk for unauthorized/malicious remote connections, especially in ransomware incidents. We advise our constituents to exercise caution when using this software and be aware of its use within your organization as it could potentially lead to unauthorized access, data breaches, …

TT-CSIRT-415.3.4.23: 3CX Security Advisory

VoIP/IP PBX solutions provider 3CX has released a security advisory concerning the compromise of their desktop app for both Windows and MacOS in a supply chain attack. 3CX recommends that users migrate to the PWA app in the interim until the desktop apps are fixed. The PWA app is web-based and is unaffected by the …

TT-CSIRT-414.3.3.23: Royal Ransomware

The U.S. Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint cyber security advisory on Royal Ransomware to provide network defenders with the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. Several local organizations have been affected by Royal ransomware …