VMware has released security updates to address multiple vulnerabilities in VMware Workspace ONE Assist. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommended users and administrators to review VMware Security Advisory VMSA-2022-0028 and apply the necessary updates and workarounds....
Citrix Releases Security Updates for ADC and Gateway
Citrix has released security updates to address vulnerabilities in Citrix ADC and Citrix Gateway. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommended users and administrators to review Citrix Security Updates CTX463706 and apply the necessary updates....
OpenSSL Releases Security Update
OpenSSL has released a security advisory to address two vulnerabilities, CVE-2022-3602 and CVE-2022-3786, affecting OpenSSL versions 3.0.0 through 3.0.6. Both CVE-2022-3602 and CVE-2022-3786 can cause a denial of service. According to OpenSSL, a cyber threat actor leveraging CVE-2022-3786, “can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution,” allowing them to take control of an affected system. BtCIRT recommended users and administrators to review the OpenSSL advisory, blog, OpenSSL 3.0.7 announcement, and upgrade to OpenSSL 3.0.7. For additional information on...
BtCIRT Annual Report July 2021 -June 2022
The annual report covers all the major activities, initiatives and incidents handled by the Bhutan Computer Incident Response Team (BtCIRT) for the 2021-2022 financial year (FY), from July 2021 till June 2022. In 2021, although the COVID pandemic continued and the nation experienced a few lock downs and restrictions, BtCIRT was able to meet some critical targets for the year. The country’s first ever “Cybersecurity Week” was successfully conducted. Articles and alerts on latest cyber trends, threats, vulnerabilities and best practices were also published. Majority of the workshops and training were carried out online due to the pandemic....
Samba Releases Security Updates
The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Therefore BtCIRT recommended users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds. • CVE-2022-3437 • CVE-2022-3592...