Trend Micro released a security update for Deep Security 20 Agent Manual Scan Command Injection RCE Vulnerability (CVE-2024-51503) that resolves a manual scan command injection remote code execution (RCE) vulnerability. On 18 November, Trend Micro released the update Severity rating level “High”, CVSS 3.0 score: 8.0. Vulnerability Details: CVE-2024-51503: Security …

Apple released critical updates for its various products including for iOS, iPadOS, macOS, visionOS, and Safari to fix two zero-day vulnerabilities actively being exploited in the wild. The flaws are listed below: CVE-2024-44309 : A vulnerability in cookie handling that could allow a cross-site scripting (XSS) attack when processing harmful …

Maxar Space Systems has verified a major data breach that exposed particular information of current and former workers. The breach in mid-October 2024 raised major cybersecurity concern after a hacker used a Hong Kong IP address to attack the company’s systems immorally. Maxar said, they discovered the breach on ‘October …

A security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) could allow remote code execution on users’ devices. With a CVSS score of 8.1, this highlights the need for developers to stay vigilant with software updates and security measures. The vulnerability arises from how the gh CLI handles SSH …

“Sarcoma” ransomware group attacked a well known Bangladeshi insurance company named “Popular life insurance company ltd”. The threat actor keeps an option to release the full data if their demand doesn’t meet up within 5 days. According to the threat actor, approximately 36 GB of data, including attachments and SQL …

Bug Hunt 2024, one of the largest cyber security competitions and conferences in Bangladesh, was successfully held at the ICT Tower in Agargaon, Dhaka On November 16, 2024. This groundbreaking initiative aims to enhance cyber security expertise and awareness in the cyber security landscape in the country. Highlights of the …

The Wall Street Journal reported on Friday citing people familiar with the matter that T-Mobile’s network was among the systems hacked in a damaging Chinese cyber-espionage operation that successfully gained entry into multiple U.S. and international telecommunications companies. Hackers were able to breach T-Mobile as part of a monthslong campaign …

“Palo Alto Networks has observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces which are exposed to the Internet. We are actively investigating this activity,” reads the security bulletin by the cybersecurity provider Palo Alto Networks. On November 8, Palo Alto …

US authorities have revealed a major cyberespionage campaign by hackers, targeting information from Americans in government and politics. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint statement on Wednesday that actors affiliated with Beijing had “compromised networks at multiple telecommunications companies”. In a statement …