Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review thefollowing Cisco Advisories and apply the necessary updates: Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability cisco-sa-20190227-rmi-cmd-ex Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools Update Service Command Injection Vulnerability cisco-sa-20190227-wmda-cmdinj  

GandCrab Ransomware

BtCIRT has been recently reported of few instance of system files being encrypted by a ransomware family called GandCrab, therefore we urge all users to be alerted and take precaution. 1. Description: GandCrab is a Ransomware   that encrypts almost all file types on affected system with a ransom message displayed insisting to make payment using crypto currency to decrypt the data. 2.  Distribution mechanism:   Email attachment , cracked softwares, websites, fake software updaters, trojans, exploit kits  and untrustworthy software download sites are some of the means used to infect and then exploit vulnerabilities in installed, outdated softwares of the […]

OpenSSL Releases Security Update

OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information. Therefore, BtCIRT recommends users and administrators to review the OpenSSL Security Advisory and apply the necessary update.

Microsoft Releases Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the Microsoft’s February 2019 Security Update Summary and Deployment Information and apply the necessary updates.

Mozilla Releases Security Updates for firefox

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommends users and administrators to review the  Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates.