Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. TT-CSIRT encourages administrators to review the following release from Fortinet and take the necessary actions immediately: https://www.fortiguard.com/psirt/FG-IR-23-183
Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the …
The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all organizations to take the necessary precautions to mitigate against rising ransomware attacks in Trinidad and Tobago. The following resources detail the necessary actions that must be taken to harden your organization: Ransomware Prevention Guide: https://ttcsirt.gov.tt/ransomware-prevention/ Ransomware Response Checklist: https://ttcsirt.gov.tt/ransomware-response-checklist/ Incident Reporting Should your organization fall …
A critical Remote Code Execution vulnerability (CVE-2023-27997) has been identified in multiple versions of Fortinet Fortigate devices when SSL-VPN is enabled. Exploitation of this critical vulnerability could allow a malicious actor to gain remote code execution rights on the affected system, and perform unauthorized actions. TT-CSIRT encourages administrators to review the following release from the …
Barracuda has release new guidance in relation to a zero-day vulnerability discovered in their Email Security Gateway Appliance (ESG). Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG. Impacted ESG appliances must be immediately replaced regardless of patch version level. TT-CSIRT encourages administrators to review the following release and take the …
The Trinidad and Tobago Cyber Security Response Team has observed an increase in the usage of AnyDesk for unauthorized/malicious remote connections, especially in ransomware incidents. We advise our constituents to exercise caution when using this software and be aware of its use within your organization as it could potentially lead to unauthorized access, data breaches, …
VoIP/IP PBX solutions provider 3CX has released a security advisory concerning the compromise of their desktop app for both Windows and MacOS in a supply chain attack. 3CX recommends that users migrate to the PWA app in the interim until the desktop apps are fixed. The PWA app is web-based and is unaffected by the …
The U.S. Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a joint cyber security advisory on Royal Ransomware to provide network defenders with the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. Several local organizations have been affected by Royal ransomware …
The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is a cutting-edge unit under the Ministry of National Security dedicated to securing and defending the nation’s digital infrastructure from cyber threats. The new logo is intended to highlight the team’s key cybersecurity competencies as well as its unrivaled capacity for securing and defending the …
As we move into the back to back Christmas and New Year holiday weekends the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all entities to take the necessary precautions to mitigate against rising ransomware attacks. This warning comes as there have been two major ransomware attacks on the financial sector within the …