Year: 2019

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  Therefore, BtCIRT recommends users and administrators to review the following Cisco advisories and apply the necessary updates: Industrial Network Director Remote Code Execution Vulnerability cisco-sa-20190605-ind-rce Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco Expressway Series Denial of Service Vulnerability cisco-sa-20190605-cucm-imp-dos Webex Meetings Server Information Disclosure Vulnerability cisco-sa-20190605-webexmeetings-id TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability cisco-sa-20190605-vcs Unified Computing System BIOS Signature Bypass Vulnerability cisco-sa-20190605-ucs-biossig-bypass IOS...

Phishing is a method of stealing confidential information by sending fraudulent messages to a victim. It is one of the most prevalent scams in Bhutan.These messages can be sent via email, SMS, social media, instant messenger or phone call. They can look extremely sophisticated and convincing, replicating legitimate messages from reputable senders. As well as featuring official-looking logos and disclaimers, phishing emails typically include a ‘call to action’ to trick us into giving out our most sensitive personal information, from passwords to bank details. Various phishing scams have targeted customers of Bhutan Telecom, TashiCell and Bank of Bhutan(BoB). All...

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the Adobe Security Bulletins APSB19-29, APSB19-26, APSB19-18 and apply the necessary updates....

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the  Microsoft’s May 2019 Security Update Summary and Deployment Information and apply the necessary updates....

VMware has released security updates to address vulnerabilities in vCenter Server, ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the  Cisco Security Advisories page and apply the VMware Security Advisories VMSA-2019-0007 and VMSA-2019-0008 and apply the necessary updates....