Mailvelope Manual

Mailvelope is a browser add-on or a plugin that extends its   capability in encrypting email contents and is based on OpenPGP cryptography standards. To be able to send, receive or digitally sign emails securely using OpenPGP based services like Mailvelope, users first have to create public, private key pair and share the public key. For detailed manual please visit: Mailvelope manual

GandCrab Ransomware

BtCIRT has been recently reported of few instance of system files being encrypted by a ransomware family called GandCrab, therefore we urge all users to be alerted and take precaution. 1. Description: GandCrab is a Ransomware   that encrypts almost all file types on affected system with a ransom message displayed insisting to make payment using crypto currency to decrypt the data. 2.  Distribution mechanism:   Email attachment , cracked softwares, websites, fake software updaters, trojans, exploit kits  and untrustworthy software download sites are some of the means used to infect and then exploit vulnerabilities in installed, outdated softwares of the […]

BtCIRT Annual Report 2018

The report captures all essential activities undertaken by BtCIRT in the year 2018. The overall mission of BtCIRT is to enhance cyber security in Bhutan by enabling cybersecurity information coordination and establishing computer security incident handling capabilities within the country. Please click here to read the Report.

PGP for Secure Communication

Everyday thousands of otherwise sensitive information is  being exchange over email or stored on disk not even realising that someone could intercept it on transit or while on rest, causing devastating  consequences. Securing  sensitive data  in either state is imperative  as attackers find increasingly sophisticated tools and techniques to compromise systems and gain access. While different tools and techniques are available that can be used to protect data in either state, encryption plays a vital role in maintaining  data confidentiality.  Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used […]

Securing SSH

SSH is a software package that enables system administrators to securely  administer their systems from a remote network with user authentication, commands, output, and file transfers being encrypted to protect against attacks in the network. While it is much more secure than common login services such as telnet, ftp, rlogin, rsh, and rcp, its  default installation isn’t hardened. This advisory covers some of the hardening measures you can take to secure ssh. For details Securing SSH