Updates

PRESS RELEASE: MIN. HALKITIS: CYBER SECURITY IS “A KEY PILLAR OF ECONOMIC STABILITY” – CIRT-BS AND INDUSTRY EXPERTS UNITE AT ALIV BUSINESS CYBER SECURITY SUMMIT
Minister of Economic Affairs, Senator the Hon. Michael Halkitis delivering welcome remarks at the ALIV Business Cyber Security Summit 2025 NASSAU, The Bahamas—Cyber security experts, government officials, and industry leaders convened at the ALIV Business Cyber Security Summit on 20 February 2025, to address the growing cyber threats facing businesses and national infrastructure across the country. Under the theme “Securing the Future: Navigating Cyber Challenges
New Advisory: (Critical) Authentication Bypass Vulnerability (FortiOS, FortiProxy, and FortiSwitch Manager)
ⓘ This advisory addresses a critical vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager platforms. Attention constituent: CVE-2022-40684 is a critical authentication bypass vulnerability impacting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager platforms. This flaw enables attackers to gain unauthorised administrative access, potentially leading to system compromise, data theft, and operational disruption. A leaked list of 15,000 vulnerable IP addresses has heightened the risk of exploitation. Immediate action is
New Advisory: (Critical) FortiOS Vulnerability
ⓘ This advisory addresses a critical vulnerability impacting FortiOS systems (CVE-2024-55591). Attention constituent: A critical vulnerability (CVE-2024-55591) has been identified in Fortinet’s FortiOS systems. This vulnerability stems from an authentication bypass flaw in the FortiOS web management interface. Exploitation of this vulnerability allows remote, unauthenticated attackers to gain unauthorised administrative access and execute arbitrary actions on affected systems. CVE: CVE-2024-55591 Severity: Critical (CVSS: 9.8) Affected Platforms: FortiOS systems

PRESS RELEASE: he Bahamas Strengthens Cybersecurity with National Cybersecurity Strategy Launch and Multi-day Workshop
NASSAU, The Bahamas—The country took a significant leap forward in safeguarding its digital infrastructure with the official launch of the National Cybersecurity Strategy (NCS) for The Bahamas. The Cabinet-approved strategy outlines the plan for The Bahamas to fortify its cybersecurity framework amid the rising global threat of cyber attacks. The launch of the NCS marked the beginning of the National Cybersecurity Strategy Workshop that took

The Deal on Cyber Monday
Cyber Monday is a great time to score on big deals; however, cyber criminals use this day to try to score big with your wallet and personal identifiable information as well. As you shop online, especially throughout the holiday season, remember these few tips: Before You Shop Enrol in payment alerts. Some card issuers offer payment alerts so you are always aware of your transactional

The Bahamas’ National Cybersecurity Strategy
The National Cybersecurity Strategy (NCS) is a set of strategic principles, guidelines, objectives, and specific measures to mitigate risk associated with cybersecurity. The document is the collective vision of high-level goals and priorities that will guide the country in addressing cybersecurity gaps. STRATEGIC AREA A Cybersecurity Governance Framework CIRT-BS as National Cybersecurity Authority with responsibility for NCS execution High-level inter-agency coordination Legal Governance Framework International

Wrong QR Code
SIKE! You scanned the wrong QR Code. QR Codes, or quick response codes, are convenient tools that allow us to share electronic information quickly. However, in the same token, they are also an easy way for cybercriminals to steal your information. It is critical to be mindful of the QR codes you choose to scan to avoid becoming a victim of the next cyber attack.
New Advisory: (Critical) FortiManager Zero-Day Exploitation
ⓘ This advisory addresses a zero-day vulnerability impacting FortiManager and FortiManagerCloud. Attention constituent: A known, successfully exploited critical zero-day vulnerability (CVE-2024-47575) has been identified in Fortinet’s FortiManager and FortiManager Cloud platforms. This vulnerability stems from missing authentication in the FortiGate to FortiManager (FGFM) daemon (fgfmsd). Exploitation of this flaw allows remote, unauthenticated attackers to execute arbitrary code or commands via specially crafted requests. CVE: CVE-2024-47575 Severity: Critical (CVSS: 9.8) Affected Platforms: FortiManager and FortiManager Cloud Versions impacted: FortiManager 7.6.0

Cybersecurity Awareness Month: The Truth About Software Updates
Those pesky updates. They’re annoying but so critical to do! While, at times, they may seem inconvenient, these updates ensure that your devices and apps remain protected from the latest threats. An Apple Example In 2019, Apple introduced a group FaceTime feature. Shortly after its release, a 14-year-old initiated a group call and discovered a major security flaw: they could eavesdrop on a call recipient


Building Cyber Resilience: Join the CIRT‑BS Cybersecurity Professional Meetup
CIRT‑BS invites cybersecurity professionals, IT practitioners, and digital defenders to connect at the Cybersecurity Professional Meetup, a gathering designed to strengthen collaboration and national cyber

Advisory: FortiBleed Credential Leak Exposes Thousands of Fortinet VPN Devices Worldwide
Recent reports from cybersecurity researchers have identified a large-scale credential exposure event, known as FortiBleed, involving credentials associated with Fortinet VPN and firewall devices worldwide.

Save The Date: Cyber Sharks Capture the Flag Competition 2026
Cyber Sharks Capture the Flag Competition Bahamas is a groundbreaking national cybersecurity challenge for Bahamian youth ages 13–16. Hosted by the National Computer Incident Response

Stay Sharp: Your Phishing and Smishing Survival Kit Body
Cybercriminals are getting smarter but so can you. The National Computer Incident Response Team of The Bahamas (CIRT‑BS) has launched the Phishing and Smishing Survival

Advisory: Beware of Fraudulent NIB Smart Card Renewal Text Scam
CIRT‑BS warns the public about fraudulent messages impersonating the National Insurance Board (NIB). These scams aim to deceive recipients into clicking unsafe links or sharing

Smishing vs Phishing: Understanding the Dual Threat
Cyber‑criminals continue to evolve their tactics, targeting both mobile and desktop users. Smishing uses SMS or messaging apps to lure victims into clicking fraudulent links

Advisory: Fake Traffic Fine Payment Scam
The National Computer Incident Response Team of The Bahamas (CIRT-BS) is aware of fraudulent websites impersonating legitimate government services and attempting to collect fake traffic

Bahamas Election Security Awareness 2026
Daily Election Checklist: Stay Informed. Stay Secure. Verifying information is everyone’s responsibility: Follow updates from official government channels and the Parliamentary Registration Department Rely on

Child Online Protection Webinar: A Conversation That Matters
On May 20, 2026, the National Computer Incident Response Team of The Bahamas (CIRT‑BS) will host the Child Online Protection Webinar, uniting international experts to

CyberWizards Camp 2026: Represent The Bahamas in Estonia
CIRT-BS is proud to introduce CyberWizards Camp 2026, an international initiative aimed at strengthening cybersecurity capacity and inspiring the next generation of women in technology. We

Strengthening The Bahamas’ Digital Future: CIRT-BS Cybersecurity Professionals Meetup
Building Connections in Cybersecurity The Bahamas is taking bold steps toward digital resilience, and the upcoming CIRT-BS Cybersecurity Professionals Meetup is a key milestone in

CIRT-BS to Participate in ISBET Tech Expo 2026
ISBET’s Tech Expo 2026 is a high-impact event that brings together industry experts, innovators, and students for a series of forward-looking panel discussions and hands-on

Mark Your Calendar: Child Online Protection Webinar
CIRT-BS invites the public to join our upcoming Child Online Protection Webinar, a timely and important conversation focused on safeguarding children in today’s digital environment.

Child Protection Month: Building Safe Digital Spaces for Our Children
Child Protection Month: Building Safe Digital Spaces for Our Children As The Bahamas observes Child Protection Month, it is an important time to reflect on

Take Control of Your Digital Security
How prepared do you feel to face today’s cyberthreats? Would you like to explore these from a gender lens?👩🏽💻🔒👾 This is exactly the conversation we will
Actively Exploited SQL Injection in FortiClient EMS
ⓘ We are reaching out to let you know that a critical, actively exploited vulnerability has been identified in Fortinet’s FortiClient EMS platform. Attention constituent:
CIRT-BS March Week Recap
Last week, our team participated in a series of engagements. We began at the University of The Bahamas Business Week, delivering a session on “Understanding
CISCO AsyncOS Zero Day Vulnerability
ⓘ We are reaching out to let you know that there is a newly identified advanced persistent threat (APT) that has been exploiting a zero-day

Cybersecurity Workshop: Online Safety – Protecting Your Digital Identity
CIRT-BS is proud to continue our School Tour with a stop at The Bahamas Technical and Vocational Institute (BTVI), where we’ll engage staff, students, and

