Advisories

Advisory: FortiBleed Credential Leak Exposes Thousands of Fortinet VPN Devices Worldwide
Recent reports from cybersecurity researchers have identified a large-scale credential exposure event, known as FortiBleed, involving credentials associated with Fortinet VPN and firewall devices worldwide. The exposed data reportedly includes usernames, email addresses, and plaintext passwords linked to approximately 73,000 Fortinet-related endpoints across 194 countries. While the incident is not currently attributed to a newly discovered Fortinet vulnerability, the exposure of valid credentials significantly increases

Stay Sharp: Your Phishing and Smishing Survival Kit Body
Cybercriminals are getting smarter but so can you. The National Computer Incident Response Team of The Bahamas (CIRT‑BS) has launched the Phishing and Smishing Survival Kit to help you spot fake messages before they trap you. Verify the URL: Official Bahamas government websites always end with .bs or .com. Spot the fakes: Beware of look‑alike domains such as .bs.com or .lbs — they’re designed to

Advisory: Beware of Fraudulent NIB Smart Card Renewal Text Scam
CIRT‑BS warns the public about fraudulent messages impersonating the National Insurance Board (NIB). These scams aim to deceive recipients into clicking unsafe links or sharing personal information under the guise of renewing their NIB Smart Card. The National Insurance Board has officially confirmed that it does not send renewal notifications via text message. Any message requesting Smart Card renewal through a link is fraudulent. How

Advisory: Fake Traffic Fine Payment Scam
The National Computer Incident Response Team of The Bahamas (CIRT-BS) is aware of fraudulent websites impersonating legitimate government services and attempting to collect fake traffic fine payments. These scams use social engineering tactics to create fear, urgency, and pressure individuals into submitting sensitive financial information online. To help protect yourself: ✔️ Verify traffic fines only through official government channels ✔️ Carefully inspect website addresses before
Actively Exploited SQL Injection in FortiClient EMS
ⓘ We are reaching out to let you know that a critical, actively exploited vulnerability has been identified in Fortinet’s FortiClient EMS platform. Attention constituent: A vulnerability has been discovered in Fortinet’s FortiClient EMS platform that allows a threat actor to run unauthorised commands on the server by sending a specially crafted web request. Active exploitation of this vulnerability has been confirmed by threat intelligence
CISCO AsyncOS Zero Day Vulnerability
ⓘ We are reaching out to let you know that there is a newly identified advanced persistent threat (APT) that has been exploiting a zero-day vulnerability in Cisco email security appliances that run AsyncOS. Attention constituent: There has been a newly identified APT, that has been exploiting a zero-day vulnerability in all Cisco email security appliances that have AsyncOS as their underlying operating system. AsyncOS
Threat Actors Hijacking Microsoft Teams Accounts
ⓘ We are reaching out to let you know there is a vulnerability in Microsoft Teams that allows threat actors to impersonate valid users. Attention constituent: A vulnerability in Microsoft Teams can allow both external & insider threat actors to spoof identities, manipulate messages and notifications, and forge caller names in calls. Teams is a trusted collaboration tool, these manipulations make social-engineering attacks (tricks that
New Advisory: Beware Fraudulent Hurricane Melissa Relief Websites
ⓘ We are reaching out to let you know that of fraudulent and malicious websites scamming victims via fake Hurricane Melissa relief donation charities/organisations. Attention constituent: We are issuing this advisory to warn the general public of The Bahamas that there is an increase of fake website domains that are soliciting donations for relief funds with reference to Hurricane Melissa and the impact that it
LockBit 5.0 Ransomware Threat Resurgence Alert
ⓘ We are reaching out to let you know that a new variant of the LockBit ransomware, known as LockBit 5.0, has recently emerged. Attention constituent: A new version of the LockBit ransomware, known as LockBit 5.0, has been observed following the disruption of the group’s operations earlier in 2024. The threat actors behind LockBit remain active and continue to refine their ransomware. The new version

Advisory: FortiBleed Credential Leak Exposes Thousands of Fortinet VPN Devices Worldwide
Recent reports from cybersecurity researchers have identified a large-scale credential exposure event, known as FortiBleed, involving credentials associated with Fortinet VPN and firewall devices worldwide.

Stay Sharp: Your Phishing and Smishing Survival Kit Body
Cybercriminals are getting smarter but so can you. The National Computer Incident Response Team of The Bahamas (CIRT‑BS) has launched the Phishing and Smishing Survival

Advisory: Beware of Fraudulent NIB Smart Card Renewal Text Scam
CIRT‑BS warns the public about fraudulent messages impersonating the National Insurance Board (NIB). These scams aim to deceive recipients into clicking unsafe links or sharing

Advisory: Fake Traffic Fine Payment Scam
The National Computer Incident Response Team of The Bahamas (CIRT-BS) is aware of fraudulent websites impersonating legitimate government services and attempting to collect fake traffic
Actively Exploited SQL Injection in FortiClient EMS
ⓘ We are reaching out to let you know that a critical, actively exploited vulnerability has been identified in Fortinet’s FortiClient EMS platform. Attention constituent:
CISCO AsyncOS Zero Day Vulnerability
ⓘ We are reaching out to let you know that there is a newly identified advanced persistent threat (APT) that has been exploiting a zero-day
Threat Actors Hijacking Microsoft Teams Accounts
ⓘ We are reaching out to let you know there is a vulnerability in Microsoft Teams that allows threat actors to impersonate valid users. Attention
New Advisory: Beware Fraudulent Hurricane Melissa Relief Websites
ⓘ We are reaching out to let you know that of fraudulent and malicious websites scamming victims via fake Hurricane Melissa relief donation charities/organisations. Attention
LockBit 5.0 Ransomware Threat Resurgence Alert
ⓘ We are reaching out to let you know that a new variant of the LockBit ransomware, known as LockBit 5.0, has recently emerged. Attention
Cisco IOS: SNMP Denial Of Service and Remote Code Execution Vulnerability
ⓘ We are reaching out to let you know that Cisco IOS is vulnerable and can be exploited via Remote Code Execution by attacker to
Microsoft Security: Windows Server Update Service
ⓘ We are reaching out to let you know that Windows Server Update Service is vulnerable and can be exploited via Remote Code Execution by
Regional Spike in Medusa Ransomware
ⓘ We are reaching out to let you know there has been a sharp rise in Vadir infostealer infections globally, posing a growing threat to
Vidar Infostealer Spyware on The Rise
ⓘ We are reaching out to let you know there has been a sharp rise in Vadir infostealer infections globally, posing a growing threat to
New Advisory: Critical SonicWall SSL-VPN Zero-Day Exploit
ⓘ We are reaching out to let you know about a zero-day security vulnerability in Gen 7 SonicWall firewalls that attackers are currently exploiting. Advisory
Deepfake Investment Scam Continues to Evolve
ⓘ This advisory is about an ongoing scam campaign containing deepfake video content of senior government officials. The scams are designed to trick you into
New Advisory: Fake Investment Scams Using Deepfake Videos
ⓘ This advisory addresses fake investment scams. CIRT-BS is urging the public to stay vigilant as new scams circulate online and fraudulent websites are impersonating
New Advisory: Active Exploitation of Ivanti Vulnerabilities
ⓘ Attackers are targeting Ivanti Connect Secure appliances using known vulnerabilities. Attackers may sometimes maintain persistent, undetected access even after patching systems. Advisory Overview Advisory
New Advisory: Critical Exploitation of Known Fortinet Vulnerabilities
ⓘ We are reaching out to let you know about ongoing attacks targeting Fortinet devices using known vulnerabilities. In some cases, the attackers can remain
New Advisory: Critical Vulnerability Found in Remote Access VPNs
ⓘ Your system could be at risk of being affected by several CVEs targeting SSL VPNs. CIRT-BS is advising that unpatched VPN devices are being
New Advisory: (Critical) Authentication Bypass Vulnerability (FortiOS, FortiProxy, and FortiSwitch Manager)
ⓘ This advisory addresses a critical vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager platforms. Attention constituent: CVE-2022-40684 is a critical authentication bypass vulnerability impacting Fortinet’s FortiOS,

