Month: November 2018

Information and Network Security Workshop

The Department of Information Technology & Telecom is conducting a workshop on Information and Network Security from 12th November to 16th November, 2018 with financial and technical support from APT and APNIC. The weeklong program is aimed at training system administrators in securing their information systems and network infrastructure and responding to potential threats and attacks. Participants from government agencies, corporations, financial institutions, telecom service providers and other relevant private sector organisations have been invited.  ...

PGP for Secure Communication

Everyday thousands of otherwise sensitive information is  being exchange over email or stored on disk not even realising that someone could intercept it on transit or while on rest, causing devastating  consequences. Securing  sensitive data  in either state is imperative  as attackers find increasingly sophisticated tools and techniques to compromise systems and gain access. While different tools and techniques are available that can be used to protect data in either state, encryption plays a vital role in maintaining  data confidentiality.  Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is...

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities affecting Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the following Cisco Security Advisories and apply the necessary updates: Cisco Stealthwatch Management Console Authentication Bypass Vulnerability cisco-sa-20181107-smc-auth-bypass Cisco Unity Express Arbitrary Command Execution Vulnerability cisco-sa-20181107-cue Cisco Meraki Local Status Page Privilege Escalation Vulnerability cisco-sa-20181107-meraki...

Mozilla Releases Security Update for Thunderbird ESR

Mozilla has released a security update to address vulnerabilities in Thunderbird ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the Mozilla Security Advisory for Thunderbird ESR 60.3 and apply the necessary update....

Apache Releases Security Update for Apache Tomcat JK Connectors

The Apache Software Foundation has released a security update to address a vulnerability affecting Apache Tomcat JK Connectors 1.2.0 to 1.2.44. A remote attacker could exploit this vulnerability to obtain access to sensitive information. Therefore, BtCIRT recommends users and administrators to review the Apache security advisory for CVE-2018-11759 and apply the necessary update....