Updates
Multiple Nation-State Threat Actors Exploit Multiple Zoho Manage Engine Products
Attention Constituent: ######################################### ## S E C U R I T Y A D V I S O R Y ## ######################################### Title : Multiple Nation-State Threat Actors Exploit Multiple Zoho ManageEngine products Advisory ID : CIRT-BS-2023-0004 Version : 1.00 Probability : high CVE ID
Cisco Router / Adaptive Security Appliance (ASA) and FTD Software Vulnerability
Attention Constituent: ######################################### ## S E C U R I T Y A D V I S O R Y ## ######################################### Title : Cisco Router / Adaptive Security Appliance (ASA) and FTD Software Vulnerability Advisory ID : CIRT-BS-2023-0005 Version : 1.00 Probability : high CVE ID
Safer Students — Get Safe Online
Keep Your Students Safer Students spend much time online in today’s digital world. Online is great fun, but cyberbullying, oversharing, and clickjacking may cause them harm. Get Safe Online provides valuable information to prepare students to navigate the online world. We want every student while online to say with confidence #lAmSafer. Visit getsafeonline.bs to find out how students can stay safe online. Choose Secure
CIRT-BS 2nd Annual Stakeholders Engagement 2023
The National Computer Incident Response Team of The Bahamas (CIRT-BS) hosted its second annual Stakeholder Engagement Conference on Wednesday and Thursday, 16–17 August 2023, at the Margaritaville Beach Resort. The Annual Stakeholder Engagement Conference is a platform for collaboration, knowledge-sharing, and networking within the national cybersecurity industry. Minister of National Security, the Honourable Wayne Munroe, KC, delivered the keynote presentation. The conference featured a thought-provoking panel
Government Working Diligently to Increase Awareness of Cyber Security Threats
Source: Bahamas Information Services NASSAU, The Bahamas – As the government advances its plans to transform and digitize its services, thereby making it more convenient for the public to conduct business with the government, the need to beef up cyber security has significantly risen. Consequently, the Ministry of Economic Affairs in conjunction with the Bahamas National Computer Incident Response Team (CIRT), hosted a two-day inter-ministerial cyber security
Bahamas’ National CIRT Manager Sametria McKinney Receives Prestigious International Award
Source: Bahamas Information Services NASSAU, The Bahamas – Senator the Honourable Michael Halkitis, Minister of Economic Affairs, together with proud Bahamians everywhere, recognize and extend warmest congratulations to the Bahamas’ National Computer Incident Response Team (CIRT) Manager, Miss Sametria McKinney, on receiving the President’s Award for Public Service at the Information Systems Security Association (ISSA) International Awards Gala, held in Las Vegas, Nevada, USA, on
Dropbox discloses breach after hacker stole 130 GitHub repositories
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. The company discovered the attackers breached the account on October 14 when GitHub notified it of suspicious activity that started one day before the alert was sent. “To date, our investigation has found that the code
ABOUT “BLUEBLEED”SERVICE AND THE VULNERABILITY OF MICROSOFT AWS SERVERS
Attack info First seen 2022-09-24 • Last seen 2022-10-19 On October 19, 2022, Socradar announced a vulnerability they discovered in several misconfigured Microsoft AWS servers. They also announced the launch of the BlueBleed service, which contains data downloaded from several misconfigured Microsoft AWS servers. Link to the Socradar announcement – hxxps://socradar[.]io/sensitive-data-of-65000-entities-in-111- countries-leaked-due-to-a-single-misconfigured-data-bucket/ The exposed files in the misconfigured bucket include; POE documents, SOW documents, Invoices, Product
New PHP information-stealing malware targets Facebook accounts
A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets. Ducktail phishing campaigns were first revealed by researchers from WithSecure in July 2022, who linked the attacks to Vietnamese hackers. Those campaigns relied on social engineering attacks through LinkedIn, pushing .NET Core malware masquerading as a PDF document supposedly containing details about a marketing
Deepfake Investment Scam Continues to Evolve
ⓘ This advisory is about an ongoing scam campaign containing deepfake video content of senior government officials. The scams are designed to trick you into
New Advisory: Fake Investment Scams Using Deepfake Videos
ⓘ This advisory addresses fake investment scams. CIRT-BS is urging the public to stay vigilant as new scams circulate online and fraudulent websites are impersonating
New Advisory: Active Exploitation of Ivanti Vulnerabilities
ⓘ Attackers are targeting Ivanti Connect Secure appliances using known vulnerabilities. Attackers may sometimes maintain persistent, undetected access even after patching systems. Advisory Overview Advisory
New Advisory: Critical Exploitation of Known Fortinet Vulnerabilities
ⓘ We are reaching out to let you know about ongoing attacks targeting Fortinet devices using known vulnerabilities. In some cases, the attackers can remain
New Advisory: Critical Vulnerability Found in Remote Access VPNs
ⓘ Your system could be at risk of being affected by several CVEs targeting SSL VPNs. CIRT-BS is advising that unpatched VPN devices are being
PRESS RELEASE: THE BAHAMAS TRAINS 150+ COUNSELLORS TO LEAD THE CHARGE IN CHILD ONLINE PROTECTION WITH CIRT-BS WORKSHOP
Participants gather at the University of The Bahamas, RBC Auditorium, Franklyn Wilson Graduate Centre 19-20 February 2025 for the CIRT-BS and ITU Child Online Protection
PRESS RELEASE: MIN. HALKITIS: CYBER SECURITY IS “A KEY PILLAR OF ECONOMIC STABILITY” – CIRT-BS AND INDUSTRY EXPERTS UNITE AT ALIV BUSINESS CYBER SECURITY SUMMIT
Minister of Economic Affairs, Senator the Hon. Michael Halkitis delivering welcome remarks at the ALIV Business Cyber Security Summit 2025 NASSAU, The Bahamas—Cyber security experts,
New Advisory: (Critical) Authentication Bypass Vulnerability (FortiOS, FortiProxy, and FortiSwitch Manager)
ⓘ This advisory addresses a critical vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager platforms. Attention constituent: CVE-2022-40684 is a critical authentication bypass vulnerability impacting Fortinet’s FortiOS,
New Advisory: (Critical) FortiOS Vulnerability
ⓘ This advisory addresses a critical vulnerability impacting FortiOS systems (CVE-2024-55591). Attention constituent: A critical vulnerability (CVE-2024-55591) has been identified in Fortinet’s FortiOS systems. This
PRESS RELEASE: he Bahamas Strengthens Cybersecurity with National Cybersecurity Strategy Launch and Multi-day Workshop
NASSAU, The Bahamas—The country took a significant leap forward in safeguarding its digital infrastructure with the official launch of the National Cybersecurity Strategy (NCS) for
The Deal on Cyber Monday
Cyber Monday is a great time to score on big deals; however, cyber criminals use this day to try to score big with your wallet
The Bahamas’ National Cybersecurity Strategy
The National Cybersecurity Strategy (NCS) is a set of strategic principles, guidelines, objectives, and specific measures to mitigate risk associated with cybersecurity. The document is
Wrong QR Code
SIKE! You scanned the wrong QR Code. QR Codes, or quick response codes, are convenient tools that allow us to share electronic information quickly. However,
New Advisory: (Critical) FortiManager Zero-Day Exploitation
ⓘ This advisory addresses a zero-day vulnerability impacting FortiManager and FortiManagerCloud. Attention constituent: A known, successfully exploited critical zero-day vulnerability (CVE-2024-47575) has been identified in
Cybersecurity Awareness Month: The Truth About Software Updates
Those pesky updates. They’re annoying but so critical to do! While, at times, they may seem inconvenient, these updates ensure that your devices and apps
Cybersecurity Awareness Month: Now That’s a Red Flag: Watch Out for Phish!
Did you know that one of the most common cyber attacks reported at the National CIRT originate from a phishing attempt that an unlucky victim
Join Us for the “Secure Our World” Cybersecurity Awareness Month Webinar + Q&A
Register for the CIRT-BS Cybersecurity Awareness Webinar to secure your spot. Join Us for the “Secure Our World” Cybersecurity Awareness Month Webinar + Q&A Cybersecurity is
PRESS RELEASE: Bahamas’ National CIRT Director Sametria McKinney Honoured for Advancing Global Cyber Security
FOR IMMEDIATE RELEASE 17 October 2024 Bahamas’ National CIRT Director Sametria McKinney Honoured for Advancing Global Cyber Security NASSAU, The Bahamas—The National Computer Incident Response
Cybersecurity Awareness Month: Enable MFA; Disable the Hackers
Last week, we kicked off Cybersecurity Awareness Month, detailing strong passwords as your first line of defence against a cyber attack; this week, we cover
Cybersecurity Awareness Month: Use a Strong Password + a Password Manager
Cybersecurity professionals always say it, but it’s true: passwords are your first line of defence against data breaches. Because of this, it is crucial to
