Zoom video conferencing advisory

In the wake of the COVID-19 pandemic, students and organizations are using Zoom applications for teleconferencing and remote learning. Cybercriminals are taking advantage of this situation to get access to sensitive information and even disrupting the sessions. Risk :  Insecure usage of the platform may allow cybercriminals to access sensitive information such as meeting details and conversations. Unpatched Zoom application bug lets attackers steal your windows password. Reports of VTC (video-teleconferencing) hijacking (also called “Zoom-bombing”) are emerging in the US. They have received multiple reports of conferences being disrupted by unsuitable content and/or hate images and threatening language. Recommendation : […]

Mozilla Releases Security Updates

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. Therefore, Bhutan Computer Incident Response Team recommends  users and administrators to review Mozilla’s security advisory for Firefox 74.0.1 and Firefox ESR 68.6.1 and apply the necessary update.

Google Releases Security Updates for Chrome

Google has released Chrome version 80.0.3987.162 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Therefore Bhutan Computer Incident Response Team recommends users and administrators to review the Chrome Release and apply the necessary updates

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore Bhutan Computer Incident Response Team recommends users and administrators to review the Apple security pages for the following products and apply the necessary updates: iTunes 12.10.5 for Windows iOS 13.4 and iPadOS 13.4 Safari 13.1 watchOS 6.2 tvOS 13.4 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra Xcode 11.4