Year: 2023

The Bhutan Computer Incident Response Team (BtCIRT), a Government Technology Agency, would like to earnestly request the general public to avoid falling victim to phishing emails using Adobe InDesign. Numerous Cyber Threat Intelligence agencies have uncovered and are warning about a recent surge in phishing attacks leveraging Adobe InDesign, a well-known and trusted document publishing system. According to a report from Barracuda, a cloud-first security solutions provider, there has been a nearly 30-fold increase since October in emails containing Adobe InDesign links. These emails carry legitimate brand logos and lure users into logging in to view or download documents,...

...

Apple has released security updates for Safari, iOS and iPadOS, Sonoma, Ventura, and Monterey to address multiple vulnerabilities. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Therefore BtCIRT recommended users and administrators to review the following advisories and apply necessary updates:...

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Therefore BtCIRT recommended users and administrators to review Microsoft’s December Security Update Guide and apply the necessary updates....

The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164) in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Therefore BtCIRT recommended Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.5.33 or Struts 6.3.0.2 or greater....