Updates
Vidar Infostealer Spyware on The Rise
ⓘ We are reaching out to let you know there has been a sharp rise in Vadir infostealer infections globally, posing a growing threat to your data. Advisory Overview Advisory Type Technical Author Emilio Smith Date 15 September 2025 There has been a noticeable increase in Vidar spyware infections affecting systems worldwide. Vidar is a type of malicious software (spyware) that quietly collects sensitive information
New Advisory: Critical SonicWall SSL-VPN Zero-Day Exploit
ⓘ We are reaching out to let you know about a zero-day security vulnerability in Gen 7 SonicWall firewalls that attackers are currently exploiting. Advisory Overview Advisory Type Technical Author Emilio Smith Date 15 August 2025 There is an ongoing threat of attacks from the Akira ransomware group targeting Gen 7 SonicWall firewalls where SSL-VPN has been enabled. This group is exploiting a zero-day vulnerability,
Deepfake Investment Scam Continues to Evolve
ⓘ This advisory is about an ongoing scam campaign containing deepfake video content of senior government officials. The scams are designed to trick you into sharing your personal information or making a payment. Threat actors are creating “copycat” versions of local news websites to make their scams look legitimate, and solicit personal information and payments. They use social media websites like Facebook and WhatsApp to
New Advisory: Fake Investment Scams Using Deepfake Videos
ⓘ This advisory addresses fake investment scams. CIRT-BS is urging the public to stay vigilant as new scams circulate online and fraudulent websites are impersonating local media houses to promote a fake investment opportunity linked to Central Bank of The Bahamas. To boost credibility and traffic, the scammers are using artificial intelligence to generate “deepfake” videos of various news personalities as well as Central Bank
New Advisory: Active Exploitation of Ivanti Vulnerabilities
ⓘ Attackers are targeting Ivanti Connect Secure appliances using known vulnerabilities. Attackers may sometimes maintain persistent, undetected access even after patching systems. Advisory Overview Advisory Type Technical Author Marcus Knowles Date 17 April 2025 Ivanti and CISA recently reported active exploitation of several critical vulnerabilities in Ivanti network access security appliances. UNC5221, a China-linked threat group, uses these vulnerabilities to break into networks, deploy custom
New Advisory: Critical Exploitation of Known Fortinet Vulnerabilities
ⓘ We are reaching out to let you know about ongoing attacks targeting Fortinet devices using known vulnerabilities. In some cases, the attackers can remain undetected even after patching. Attention constituent: Fortinet and CISA recently reported active exploitation of several known vulnerabilities in Fortinet devices. These include switches, firewalls, and other related products, many of which are widely used for secure remote access. Attackers are
New Advisory: Critical Vulnerability Found in Remote Access VPNs
ⓘ Your system could be at risk of being affected by several CVEs targeting SSL VPNs. CIRT-BS is advising that unpatched VPN devices are being actively scanned for vulnerabilities. These include many widely used brands detailed below. The attacks are using previously breached credentials and brute force to bypass weak or misconfigured MFA to access devices and/or deploy ransomware. Advisory Overview Advisory Type Technical Author
Sametria McKinney – Inspiring More Women to Pursue a Cybersecurity Career
ISC2 Global Achievement Award winner Sametria McKinney, CISSP, talked to ISC2 Insights about the importance of creating more opportunities for women to join the cybersecurity workforce and to undertake an educational path into cybersecurity. With a particular passion to help more women and girls in school in her native Bahamas and her hometown to follow a cybersecurity career path, McKinney believes that pursuing, recruiting and

PRESS RELEASE: THE BAHAMAS TRAINS 150+ COUNSELLORS TO LEAD THE CHARGE IN CHILD ONLINE PROTECTION WITH CIRT-BS WORKSHOP
Participants gather at the University of The Bahamas, RBC Auditorium, Franklyn Wilson Graduate Centre 19-20 February 2025 for the CIRT-BS and ITU Child Online Protection Workshop NASSAU, The Bahamas—Over 150 guidance counsellors were in attendance for the nation’s first “Train-the-Trainer” Child Online Protection (COP) Workshop, held in-person and online 19-20 February 2025, at the University of The Bahamas, RBC Auditorium, Franklyn Wilson Graduate Centre. The


Building Cyber Resilience: Join the CIRT‑BS Cybersecurity Professional Meetup
CIRT‑BS invites cybersecurity professionals, IT practitioners, and digital defenders to connect at the Cybersecurity Professional Meetup, a gathering designed to strengthen collaboration and national cyber

Advisory: FortiBleed Credential Leak Exposes Thousands of Fortinet VPN Devices Worldwide
Recent reports from cybersecurity researchers have identified a large-scale credential exposure event, known as FortiBleed, involving credentials associated with Fortinet VPN and firewall devices worldwide.

Save The Date: Cyber Sharks Capture the Flag Competition 2026
Cyber Sharks Capture the Flag Competition Bahamas is a groundbreaking national cybersecurity challenge for Bahamian youth ages 13–16. Hosted by the National Computer Incident Response

Stay Sharp: Your Phishing and Smishing Survival Kit Body
Cybercriminals are getting smarter but so can you. The National Computer Incident Response Team of The Bahamas (CIRT‑BS) has launched the Phishing and Smishing Survival

Advisory: Beware of Fraudulent NIB Smart Card Renewal Text Scam
CIRT‑BS warns the public about fraudulent messages impersonating the National Insurance Board (NIB). These scams aim to deceive recipients into clicking unsafe links or sharing

Smishing vs Phishing: Understanding the Dual Threat
Cyber‑criminals continue to evolve their tactics, targeting both mobile and desktop users. Smishing uses SMS or messaging apps to lure victims into clicking fraudulent links

Advisory: Fake Traffic Fine Payment Scam
The National Computer Incident Response Team of The Bahamas (CIRT-BS) is aware of fraudulent websites impersonating legitimate government services and attempting to collect fake traffic

Bahamas Election Security Awareness 2026
Daily Election Checklist: Stay Informed. Stay Secure. Verifying information is everyone’s responsibility: Follow updates from official government channels and the Parliamentary Registration Department Rely on

Child Online Protection Webinar: A Conversation That Matters
On May 20, 2026, the National Computer Incident Response Team of The Bahamas (CIRT‑BS) will host the Child Online Protection Webinar, uniting international experts to

CyberWizards Camp 2026: Represent The Bahamas in Estonia
CIRT-BS is proud to introduce CyberWizards Camp 2026, an international initiative aimed at strengthening cybersecurity capacity and inspiring the next generation of women in technology. We

Strengthening The Bahamas’ Digital Future: CIRT-BS Cybersecurity Professionals Meetup
Building Connections in Cybersecurity The Bahamas is taking bold steps toward digital resilience, and the upcoming CIRT-BS Cybersecurity Professionals Meetup is a key milestone in

CIRT-BS to Participate in ISBET Tech Expo 2026
ISBET’s Tech Expo 2026 is a high-impact event that brings together industry experts, innovators, and students for a series of forward-looking panel discussions and hands-on

Mark Your Calendar: Child Online Protection Webinar
CIRT-BS invites the public to join our upcoming Child Online Protection Webinar, a timely and important conversation focused on safeguarding children in today’s digital environment.

Child Protection Month: Building Safe Digital Spaces for Our Children
Child Protection Month: Building Safe Digital Spaces for Our Children As The Bahamas observes Child Protection Month, it is an important time to reflect on

Take Control of Your Digital Security
How prepared do you feel to face today’s cyberthreats? Would you like to explore these from a gender lens?👩🏽💻🔒👾 This is exactly the conversation we will
Actively Exploited SQL Injection in FortiClient EMS
ⓘ We are reaching out to let you know that a critical, actively exploited vulnerability has been identified in Fortinet’s FortiClient EMS platform. Attention constituent:
CIRT-BS March Week Recap
Last week, our team participated in a series of engagements. We began at the University of The Bahamas Business Week, delivering a session on “Understanding
CISCO AsyncOS Zero Day Vulnerability
ⓘ We are reaching out to let you know that there is a newly identified advanced persistent threat (APT) that has been exploiting a zero-day

Cybersecurity Workshop: Online Safety – Protecting Your Digital Identity
CIRT-BS is proud to continue our School Tour with a stop at The Bahamas Technical and Vocational Institute (BTVI), where we’ll engage staff, students, and

