Digital Investment Scheme and related Scams.

Issued in collaboration with OCP, MoEA and FICRT, RMA. BtCIRT has been informed of online investment schemes that use instant messaging platforms like WhatsApp and Telegram and are advertised through social media platforms like Facebook. We have found that many Bhutanese are taking part in them, and a few have already fallen victim to them without getting the promised returns. We have also been informed that a few Bhutanese accounts are being used to collect the investments. Therefore, the account holders are encouraged to verify with relevant authorities on the legality of such business operations and understand the legal...

Critical Vulnerability Affecting Apache Log4j

The Apache Software Foundation has released a security advisory to address a critical remote code execution vulnerability (CVE-2021-44228), dubbed Log4Shell by researchers, affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability is already being used to implant cryptocurrency miners, and researchers have detected mass scanning activity searching for servers using Log4j. Log4j is an open-source, Java-based logging tool used in many Java-based applications and widely used by enterprise applications and cloud services. Therefore, BtCIRT urges all administrators to review the Apache Log4j 2.15.0 Announcement and upgrade...

Porn Scam Alert

BtCIRT has received reports of porn scam emails that purport to come from a hacker claiming to have video and image footage of the victim watching pornography. Victims are then threatened that the scammer will send the alleged video or images to their personal contacts unless they pay a ransom of $5306 in bitcoin. The scammers claim to have hijacked the victim's browser while the victim visited an adult site and used it as an RDP server to install a keylogger, using which they got access to the victim's contacts from Facebook, Messenger and email account and...

Corona Virus Related - SCAM ALERT!!

The Bhutan Computer Incident Response Team (BtCIRT), Department of IT and Telecom (DITT) would like to earnestly request the general public not to fall for corona virus related scams/phishing during the lockdown. BtCIRT has been made aware of a scam making the rounds on the social media platform WhatsApp, in which the scam message says the government is offering money to all citizens above the age of 18 and provides a link for checking eligibility (as attached below): Any COVID related support or information that the government provides would be announced through BBS, websites...

Open source SIEM with Wazuh and Elastic Stack

“Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance” which, when integrated with Elastic Stack, enhances visualization and reporting. If you are looking for an open source SIEM solution and struggling with installation, feel free to use the guide Wazuh with elastic stack Guide. This guide has been prepared following official Wazuh installation documentation....