Thursday , April 24 2025

infosecbulletin

G20 summit: Indian Hackers’ Counteroffensive Against Hacktivists’ Anti-India Ops

Amidst the G20 Summit in New Delhi, a new front is taking shape in the realm of cyberspace. Indonesia and Pakistan  are leading a united front in a cutting-edge cyber campaign called ‘#OpIndia,’ strategically aimed at numerous Indian government websites. However, Indian hacktivist groups are not sitting idle. The Rise …

Read More »

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Cisco recently detected a zero-day vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. This vulnerability has been targeted by Akira ransomware attacks since August. The vulnerability, known as CVE-2023-20269, has a CVSS score of 5.0 and is of medium severity. It affects the remote access …

Read More »

Bangladeshi Rumman Chowdhury in TIME’s Top 100 in AI

Bangladeshi-born Bengali American data scientist, Dr. Rumman Chowdhury, has earned a well-deserved spot on the esteemed TIME 100 AI list. This incredible accolade acknowledges her remarkable impact in the world of Artificial Intelligence (AI). Dr. Chowdhury is a prominent figure in the field of applied algorithmic ethics. By combining data …

Read More »

MITRE and CISA Release Tool to Help Organizations Mitigate OT Attacks

The MITRE Corporation and the US Cybersecurity and Infrastructure Security Agency (CISA) released Caldera for OT, a new extension to the open source Caldera platform that emulates adversarial attacks against operational technology (OT). Caldera for OT is the result of a collaboration between MITRE, CISA, and the Homeland Security Systems …

Read More »

Hacker group again threat attack Bangladesh 19 September: CIRT Alert

The Indian Cyber Force (ICF) hackers group again threat they are going to attack Bangladesh coming 19 September for the 2nd time. Prior to that, they attack Bangladeshi infrastructure on 15 August and according the calculation provided by the BGD e-Gov CIRT on that day more than 10 websites were …

Read More »

Chrome extensions can steal plaintext passwords from websites

A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website’s source code. An examination of the text input fields in web browsers revealed that the coarse-grained permission model underpinning Chrome extensions violates the principles …

Read More »

Credentials of NASA, Tesla, Verizon, and 2K others leaked by workplace safety organization

The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations. The National Safety Council (NSC) is a non-profit organization in the United States providing workplace and driving safety training. On its digital platform, NSC provides online resources …

Read More »