Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-031.080917: TT-CSIRT Advisory – Mozilla Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR: a) Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. b) A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is …

State Of Malware Report 2017

The year 2016 saw, yet again, the threats malware posed: 1. Ransomware grabbed headlines and became the favorite attack methodology used against businesses. 2. Ad fraud malware, led by Kovter malware, exceeded ransomware detections at times and poses a substantial threat to consumers and businesses. 3. Botnets infected and recruited Internet of Things devices to …

Mobile Security Report 2016

As mobility and BYOD grow in the workplace, so do challenges from managing bandwidth and device access to handling the most pressing concerns of security. The 2016 BYOD and Mobile Security Report focuses on these security challenges and offers fresh insights on the state of mobile threats and solutions. The BYOD and Mobile Security Report …

How To Recover A Hacked Twitter Account

What you do after having your twitter account hacked depends on two things: whether you can gain control of your account and what crisis communications plan your business has in place. Read about the steps you can take to handle a hacked twitter account by referring to the TTCSIRT article entitled How To Recover A …

Social Media Threats To Be Aware Of

Social networking sites like Facebook, Twitter, Instagram, Google +, and many other popular online hubs link us together in a digital society where we can make the most out of our social liberties. More businesses are also starting to re-allocate budgets towards social media in place of traditional advertising. While there are numerous benefits to …

TTCSIRT-030.080417: TT-CSIRT Advisory – CISCO Security Updates

Cisco has released updates to address several vulnerabilities affecting the following products: a) Identity Services Engine Authentication – a vulnerability in the authentication module of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to bypass local authentication. This is due to improper handling of authentication requests and policy assignment for externally authenticated users. …

TTCSIRT-029.073117: TT-CSIRT Advisory – Microsoft Security Updates

Microsoft has released a security update for Microsoft Office Outlook stating An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special document file …

TTCSIRT-028.073117: TT-CSIRT Advisory – McAfee Security Updates

McAfee has released a security bulletin to address multiple vulnerabilities in Web Gateway: a) CVE-2012-6706 – a VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution. b) CVE-2017-1000364 – an issue was discovered in the …

British Hacker Convicted in Germany of Major Cyber Attack

A British man was handed a suspended jail sentence by a German court Friday for a massive cyber attack against Deutsche Telekom last year. The regional court in the western city of Cologne said it would suspend the sentence of one year and eight months against the defendant, Daniel Kaye, following pleas to this effect …

TrickBot Trojan Gets Worm-Like Infection Powers

A newly observed version of the TrickBot banking Trojan includes a worm-like malware propagation module that allows it to spread locally via Server Message Block (SMB), Flashpoint security researchers warn. Built by the Dyre gang, TrickBot emerged last summer when it was still under development, but quickly became a fully-operational threat. By the end of …