Alerts | Guyana National CIRT

AL2022_29 Microsoft's May Patch Tuesday update is causing authentication issues and failures in Windows Active Directory Domain Services.

The Cybersecurity and Infrastructure Security Agency (CISA) warns that Windows updates for May should not be installed on domain controllers.

Read more about AL2022_29 Microsoft's May Patch Tuesday update is causing authentication issues and failures in Windows Active Directory Domain Services.

AL2022_28 Raspberry Robin Malware Spreading via External Drives (10th May 2022)

Researchers from Red Canary have discovered a new malware native to Windows OS with worm like capabilities.

Read more about AL2022_28 Raspberry Robin Malware Spreading via External Drives (10th May 2022)

AL2022_27 Google SMTP relay service abused for sending phishing emails (03rd May 2022)

Threat actors can use this service to spoof other Gmail tenants without being identified

Read more about AL2022_27 Google SMTP relay service abused for sending phishing emails (03rd May 2022)

AL2022_26 VMware RCE Flaw Exploited to Install Backdoor (26th April 2022)

Rocket Kitten, an Iranian-linked threat actor, was seen exploiting a recently patched VMware vulnerability to get initial access

Read more about AL2022_26 VMware RCE Flaw Exploited to Install Backdoor (26th April 2022)

AL2022_25 UEFI Firmware Driver bugs affect over 100 Lenovo laptop Models (22nd April 2022)

Three high-impact UEFI security vulnerabilities have been discovered in multiple Lenovo consumer laptop models, allowing malicious actors to deploy and execute firmware implants on the afflicted devices.

Read more about AL2022_25 UEFI Firmware Driver bugs affect over 100 Lenovo laptop Models (22nd April 2022)