The Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert for Android devices on September 11, 2024, highlighting vulnerabilities that affect Android versions 12, 12L, 13, and 14. The advisory said an attacker could potentially exploit these vulnerabilities to gain access to sensitive information stored on the devices, even …
TD Bank fined $28 million for sharing customer data
The Consumer Financial Protection Bureau (CFPB) on Wednesday fined TD Bank, one of North America's leading financial institutions, $28 million for disclosing incorrect and negative data to consumer reporting agencies. According to the agency, the inaccurate data included “systemic errors about credit card delinquencies and bankruptcies.” Nearly $8 million …
Bangladesh secures role-model position by ITU
Bangladesh has secured a prestigious role-model position in the latest cyber security index published by the ITU. Bangladesh ranks among the top 10 percent of the world’s most cyber-secure countries, according to the latest Global Cyber Security Index 2024 report released by the International Telecommunication Union (ITU) on Thursday. The report places …
New RansomHub Attack Uses Kaspersky’s TDSSKiller To Disable EDR
The ThreatDown Managed Detection and Response (MDR) team has discovered the RansomHub ransomware gang using a new attack method with two tools: TDSSKiller, to disable EDR systems, and LaZagne, to steal credentials. Although both TDSSKiller and LaZagne have been used by attackers for years, this is the first record of RansomHub …
Not Enough, Say Experts
India set to train 5000 ‘Cyber Commandos’
India will train 5,000 cyber commandos over the next five years to deal with cybercrime in the country, Home Minister Amit Shah said on Tuesday. He stressed that cybercrime has no boundaries and that all stakeholders must therefore come together to deal with this menace. The unit will consist of 5,000 …
Researchers detect 21 new ransomware variants in August
In August, cybersecurity researchers identified 21 new ransomware variants that threaten individuals and businesses. Cybercriminals are improving their tactics, making it harder to detect and combat these malicious programs. Ransomware encrypts valuable data, making it inaccessible, and then demands high ransoms for decryption keys. This puts personal data at risk …
Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
Microsoft's September 2024 Patch Tuesday addresses 79 vulnerabilities, including four actively exploited zero-days covering critical flaws in Windows Installer, MoTW, Publisher, and Windows Update. Flaws in the September 2024 Patch Tuesday that are rated as critical were mostly either remote code execution (RCE) or elevation of …
Zyxel Issues Hotfix for EOL NAS product
Zyxel issued hotfixes for a severe command injection vulnerability tracked as CVE-2024-6342, affecting its NAS326 and NAS542 network-attached storage (NAS) devices. The flaw, reported by security researchers Nanyu Zhong and Jinwei Dong from VARAS@IIE, poses significant risk because it allows an attacker to execute arbitrary operating system commands. Its concerning …
Researcher exploits CI/CD pipelines to gain full server access
Mukesh, the CTO of Razz Security, recently exploited CI/CD pipelines to gain full server access, an attack that originated from an exposed .git directory on a publicly accessible web server. Because of this flaw, anyone could read and download the entire version control repository. It is examined that, this …
Hackers exploit GeoServer vulnerability to deploy malware
Researchers at Fortinet revealed that hackers are exploiting a GeoServer RCE vulnerability to deploy malware. The vulnerability, tracked as CVE-2024-36401, has a CVSS score of 9.8. The report said that, because of the poor design of the Open Geospatial Consortium (OGC) Web Feature Service (WFS) and Web Coverage Service (WCS) standards, the published …