Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

Our New Identity

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is a cutting-edge unit under the Ministry of National Security dedicated to securing and defending the nation’s digital infrastructure from cyber threats. The new logo is intended to highlight the team’s key cybersecurity competencies as well as its unrivaled capacity for securing and defending the …

TT-CSIRT-413.23.12.22: Parang, Pastelle and Ransomware

As we move into the back to back Christmas and New Year holiday weekends the Trinidad  and Tobago Cyber Security Incident Response Team (TT-CSIRT) urges all entities to take the necessary precautions to mitigate against rising ransomware attacks. This warning comes as there have been two major ransomware attacks on the financial sector within the …

TT-CSIRT-412.14.12.22: Critical Citrix ADC and Gateway Vulnerability

Citrix has released security updates to address a critical vulnerability in their Citrix ADC or Citrix Gateway products. The vulnerability in question is being tracked as CVE-2022-27518 and is a RCE vulnerability impacting Citrix ADC or Citrix Gateway when configured as a Security Assertion Markup Language (SAML) service provider (SP) or a SAML identity provider …

TT-CSIRT-411.14.12.22: Critical Fortinet SSL-VPN Vulnerability

Fortinet has released a security update to address a critical zero day vulnerability in their FortiOS SSL-VPN product. The vulnerability in question is being tracked as CVE-2022-42475 and is a heap-based buffer overflow in several versions of ForiOS that received a CVSSv3 score of 9.3. A remote, unauthenticated attacker could exploit this vulnerability with a …

Do the basics well

Attacks against local entities have been on the rise over the last 3 years and the TT-CSIRT has issued several advisories, alerts and guidance noting this uptick during that time. The necessary increase in digital transformation initiatives being pursued by both the public and private sector also inadvertently increases our viability as a target for …

TT-CSIRT-410.9.11.22: New Emotet Malware Campaign

Emotet is back again with a new campaign displaying many characteristics of older campaigns. Cisco Talos has observed an increased activity of spam distributing this new strain beginning in early November 2022, and the volume of spam and Emotet infrastructure has been increasing since then to target multiple geographies around the world. Emotet is a …

TT-CSIRT-409.9.11.22: Microsoft November Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software including: TT-CSIRT encourages users and administrators to review the following releases from Microsoft and apply the necessary updates:

TT-CSIRT-408.31.10.22: Phishing Alert

The Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) is aware of a phishing email originating from the Ministry of Foreign and CARICOM Affairs’ domain “foreign.gov.tt”. In this respect we are advising all persons not to open any emails received from the Ministry of Foreign and CARICOM Affairs with the following details: Subject: “Re: …

Identity Theft

Identity theft is a method used to carry out criminal activity, involving unauthorized use of your name and personal details to either steal from you, or commit a crime in your name. Identity theft can be carried out either online, physically using printed documents, or by a combination of the two. Identity theft today usually …

TT-CSIRT-407.07.10.22: FortiOS Critical Security Vulnerability

Updated 10/10/2022 – Fortinet has issued an official PSIRT advisory that includes workaround steps for those who cannot immediately update their assets: https://www.fortiguard.com/psirt/FG-IR-22-377 Note that updating your device continues to be the preferred recommended action by TT-CSIRT. Original Advisory: Fortinet has released security updates to address a critical vulnerability in its FortiOS (and subsequently FortiGate) …