Alerts Archives

New Advisory: Fake Investment Scams Using Deepfake Videos

ⓘ This advisory addresses fake investment scams. CIRT-BS is urging the public to stay vigilant as new scams circulate online and fraudulent websites are impersonating local media houses to promote a fake investment opportunity linked to Central Bank of The Bahamas. To boost credibility and traffic, the scammers are using artificial intelligence to generate “deepfake” […]

New Advisory: Fake Investment Scams Using Deepfake Videos Read More »

New Advisory: Active Exploitation of Ivanti Vulnerabilities

ⓘ Attackers are targeting Ivanti Connect Secure appliances using known vulnerabilities. Attackers may sometimes maintain persistent, undetected access even after patching systems. Advisory Overview Advisory Type Technical Author Marcus Knowles Date 17 April 2025 Ivanti and CISA recently reported active exploitation of several critical vulnerabilities in Ivanti network access security appliances. UNC5221, a China-linked threat

New Advisory: Active Exploitation of Ivanti Vulnerabilities Read More »

New Advisory: Critical Exploitation of Known Fortinet Vulnerabilities

ⓘ We are reaching out to let you know about ongoing attacks targeting Fortinet devices using known vulnerabilities. In some cases, the attackers can remain undetected even after patching. Attention constituent: Fortinet and CISA recently reported active exploitation of several known vulnerabilities in Fortinet devices. These include switches, firewalls, and other related products, many of

New Advisory: Critical Exploitation of Known Fortinet Vulnerabilities Read More »

New Advisory: Critical Vulnerability Found in Remote Access VPNs

ⓘ Your system could be at risk of being affected by several CVEs targeting SSL VPNs. CIRT-BS is advising that unpatched VPN devices are being actively scanned for vulnerabilities. These include many widely used brands detailed below. The attacks are using previously breached credentials and brute force to bypass weak or misconfigured MFA to access

New Advisory: Critical Vulnerability Found in Remote Access VPNs Read More »

New Advisory: (Critical) Authentication Bypass Vulnerability (FortiOS, FortiProxy, and FortiSwitch Manager)

ⓘ This advisory addresses a critical vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager platforms. Attention constituent: CVE-2022-40684 is a critical authentication bypass vulnerability impacting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager platforms. This flaw enables attackers to gain unauthorised administrative access, potentially leading to system compromise, data theft, and operational disruption. A leaked list of 15,000 vulnerable IP

New Advisory: (Critical) Authentication Bypass Vulnerability (FortiOS, FortiProxy, and FortiSwitch Manager) Read More »

New Advisory: (Critical) FortiOS Vulnerability

ⓘ This advisory addresses a critical vulnerability impacting FortiOS systems (CVE-2024-55591). Attention constituent: A critical vulnerability (CVE-2024-55591) has been identified in Fortinet’s FortiOS systems. This vulnerability stems from an authentication bypass flaw in the FortiOS web management interface. Exploitation of this vulnerability allows remote, unauthenticated attackers to gain unauthorised administrative access and execute arbitrary actions

New Advisory: (Critical) FortiOS Vulnerability Read More »

PRESS RELEASE: he Bahamas Strengthens Cybersecurity with National Cybersecurity Strategy Launch and Multi-day Workshop

NASSAU, The Bahamas—The country took a significant leap forward in safeguarding its digital infrastructure with the official launch of the National Cybersecurity Strategy (NCS) for The Bahamas. The Cabinet-approved strategy outlines the plan for The Bahamas to fortify its cybersecurity framework amid the rising global threat of cyber attacks. The launch of the NCS marked

PRESS RELEASE: he Bahamas Strengthens Cybersecurity with National Cybersecurity Strategy Launch and Multi-day Workshop Read More »

New Advisory: (Critical) FortiManager Zero-Day Exploitation

ⓘ This advisory addresses a zero-day vulnerability impacting FortiManager and FortiManagerCloud. Attention constituent: A known, successfully exploited critical zero-day vulnerability (CVE-2024-47575) has been identified in Fortinet’s FortiManager and FortiManager Cloud platforms. This vulnerability stems from missing authentication in the FortiGate to FortiManager (FGFM) daemon (fgfmsd). Exploitation of this flaw allows remote, unauthenticated attackers to execute arbitrary code or commands via specially crafted

New Advisory: (Critical) FortiManager Zero-Day Exploitation Read More »

WhatsApp Account Hijacking Scams Advisory

ⓘ This advisory addresses an increase in compromised WhatsApp accounts. Attention constituent: CIRT-BS is advising members of the public to stay alert as a sophisticated scam targeting WhatsApp users is on the rise. Cybercriminals are hacking accounts and deceiving users’ friends and family into sending money by posing as trusted contacts. How the Scam Works Scammers

WhatsApp Account Hijacking Scams Advisory Read More »

New Advisory: CrowdStrike Update Crashes Windows Systems Worldwide

ⓘ This advisory addresses a recent update to CrowdStrike’s Falcon sensor which has led to widespread Blue Screen of Death errors. Attention Microsoft service users: A recent update to CrowdStrike’s Falcon sensor has led to widespread Blue Screen of Death (BSOD) errors on Windows hosts, resulting in disruptions locally to several services, including payment processing,

New Advisory: CrowdStrike Update Crashes Windows Systems Worldwide Read More »

Alerts

Contact us