Online Advisories & Alerts

CERT VU advisories & alerts disclose current reported cyber security vulnerabilities and threats identified in Vanuatu. The advisories deliver provide a summary of the threat analysed. Descriptions of the threat reported and mitigation procedures are provided as part of the advisory on how to mitigate the threats to minimise their impacts. Finally, a Traffic Light Protocol (TLP: Colour – See guides page for more information) indicator to show the level or information security and sharing rights.

Advisory 17

TLP Rating: White

Apple iMessage vulnerability targeted by attackers

CERT Vanuatu (CERTVU) and the Office of the Chief Information was alerted of this vulnerabilities by its international partners. The CERTVU office would like to advise users that apple has released a software update for iOS, macOS and watchOS due to vulnerabilities discovered.

 

Read more: Advisory 17

Advisory 16

TLP Rating: White

On-Premises Exchange Server Vulnerabilities - CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.

CERT Vanuatu (CERTVU) and the Office of the Government Information Officer was alerted of these vulnerabilities by its international partners.

The CERTVU office would like to advise institutions and corporate companies with on-premises Exchange Servers. Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of MS Exchange servers in limited and targeted attacks.

Read more: Advisory 16

Advisory 15

TLP Rating: White

Urgent Microsoft Exchange security update released.

CERT Vanuatu (CERTVU) and the Office of the Chief Information was alerted of this vulnerabilities by its international partners.

The CERTVU office would like to advise it’s constituents on possible critical vulnerabilities in Microsoft Exchange. Microsoft has released an urgent update for Exchange Server due to response to Exchange Servers being actively attacked by a sophisticated threat actor. Institutions and companies running Microsoft Exchange Servers are urged to patch these servers immediately.

Read more: Advisory 15

Advisory 14

TLP Rating: White

CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provides the following advisory by its international partners.

CERTVU office would like to advise its constituents on critical vulnerabilities identified in Microsoft Windows systems.

Read more: Advisory 14

Advisory 13

TLP Rating: White

Critical vulnerabilities in Microsoft Windows TCP/IP stack

CERT Vanuatu (CERTVU) and the Office of the Chief Information was alerted of this vulnerabilities by its international partners.

The CERTVU office would like to advise it’s constituents on critical vulnerabilities in Microsoft Windows TCP/IP stack. Microsoft in its February 2021 monthly security update addressed several vulnerabilities in the TCP/IP stack. There are two critical vulnerabilities in particular that could allow an attacker to gain Remote Code Execution (RCE) access on vulnerable Windows devices. The vulnerabilities affects IPv4 and IPv6 respectively.

Read more: Advisory 13

Advisory 12

TLP Rating: White

Misinformation Threats Alert

CERT Vanuatu and the Office of the Chief Information Officer (OGCIO) provides the following advisory.

CERT Vanuatu (CERTVU) office has received reports regarding “Misinformation” threats and attacks from Internet users in Vanuatu, specifically it’s users using Social Media platforms such as Facebook, Twitter and Instagram. This advisory with also assist anyone to understand and avoid misinformation on these platforms. This advisory will also apply on information from online platforms and news and entertainment platforms.

Read more: Advisory 12