BtCIRT has come across a new scam of Huawei offering New Year free Gifts in Whatsapp, the details of which is as shown in the pictures below: BtCIRT would like to inform everyone that such gift offers are always too good to be true. The links that are provided in the message are most probably phishing links which are created to steal your login or online credentials (Username & Passwords). If you have come across this message and have clicked on the links, we advise you to change your credentials as soon as possible and share this advice to...
BtNOG-7 Virtual Conference
BtNOG-7 Virtual Conference happening in 16th October, here is the link to register. btnog7...
A Vulnerability in WordPress File Manager Plugin Could Allow for remote Code Execution
Risk Description: The Bhutan Computer Incident Response Team recommends WordPress website administrators about the new Vulnerability identified in the File Manager plugin which allows remote code execution. File Manager Plugin allows site Admins to upload, edit. delete files and folders directly from the WordPress backend without having to use FTP. If the vulnerability exploited successfully, it would allow attacker to upload web shell disguised inside an image file on the victim’s server. The attacker then access the web shell and take over the victim’s site. Versions Affected: File manager versions 6.0 – 6.8 Recommendations: Apply appropriate updates provided by...
Courier/Parcel Scam
BtCIRT has come to notice of Courier/Parcel Scam where the scammer calls you to inform, about your pending parcel that needs to be cleared with some charges. The tracking number and the website provided by the scammer appears almost genuine. The scammer tries to lure you saying the packet contains money or other valuable items. Please be aware of such scams and do not fall into this scammer’s trap. Here’s some screenshots: The website used in this scam is https://royalexpresscr.com/ ...
WordPress Plugins- High Severity Vulnerabilities
1.Advisory: Real-Time Find and Replace plugin in WordPress Risk : High Description: The BtCIRT would like to inform the general public about the new vulnerability found in Real-Time Find and Replace plugin in WordPress discovered by the Security researchers all over the world. This vulnerability, if exploited, can lead to Cross-Site Request Forgery (CSRF) which further leads to Stored Cross-Site Scripting (Stored XSS) attacks. It can allow an attacker to perform malicious activities such as creating rogue administrative user accounts, stealing session cookies, or redirecting users to a malicious site. The flaw impacts all versions up to 3.9. Recommendation...