Monday , December 23 2024

infosecbulletin

Gov.t issues high alert on android devices

Android

Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert for android devices on September 11, 2024 highlighting the vulnerabilities that affect Android versions 12, 12L, 13, and 14. The advisory said, bad attacker could potentially exploit these vulnerabilities to gain access the sensitive information stored in the devices, even …

Read More »

TD Bank fined $28 million for sharing customer data

TD bank

Because of disclosing incorrect and negative data, The Consumer Financial Protection Bureau (CFPB) on Wednesday fined TD Bank, one of North American leading financial institutions $28 million to consumer reporting agencies. According to the agency, The inaccurate data included “systemic errors about credit card delinquencies and bankruptcies,”. Nearly $8 million …

Read More »

Global-Cybersecurity-Index
Bangladesh secure role-model position by ITU

Chart

Bangladesh secure prestigious role-model position in the latest ITU cyber security index published by ITU. Bangladesh ranks among the top 10 percent of the world’s most cyber-secure countries, according to the latest Global Cyber Security Index 2024 report released by the International Telecommunication Union (ITU) on Thursday. The report places …

Read More »

New RansomHub Attack Kill Kaspersky’s TDSSKiller To Disable EDR

Coding

Threatdown Managed Detection and Response (MDR) team has discovered the RansomHub ransomware gang using a new attack method wityh two tools: TDSKiller, to disable EDR system, and LaZagne, for stealing credentials. Although both TDSSKiller and LaZagne have been used by attackers for years, this is the first record of RansomHub …

Read More »

Researcher detect 21 New Ransomwares in August

Ransomware

In August, Cybersecurity researchers identified 21 new ransomware variants that threaten indivisual and business. Cybercriminals are improving their tactics, making it harder to detect and combat these malicious programs. Ransomware encrypts valuable data, making it inaccessible, and then demands high ransoms for decryption keys. This puts personal data at risk …

Read More »

Microsoft patch September 2024 fixes 4 zero-days, 79 flaws

Microsoft

Microsoft patched September 2024 Tuesday addressing 79 vulnerabilities, including four actively exploited zero-days which covers critical flaws in Windows Installer, MoTW, Publisher, and Windows Update. Those flaw are mentioned in September 2024 patch Tuesday are rated as critical, most of which were either remote code execution (RCE) or elevation of …

Read More »

Zyxel Issues Hotfix for EOL NAS product

zyxel

Zyxel issued hotfixes for a severe command injection vulnerability traced as CVE-2024-6342, affecting its NAS326 and NAS542 network-attached storage (NAS) devices. The flaw reported by security researchers Nanyu Zhong and Jinwei Dong from VARAS@IIE, poses significant risks for it allows bad actor to execute arbitrary operating system commands. Its concerning …

Read More »

Hacker to exploite GeoServer Vulnerability to Deploy Malware

Geoserver

Researchers at Fortinet unveiled hackers to exploit GeoServer RCE vulnerability deploying malware relating to the vulnerability tracked as “CVE-2024-36401, has a CVSS score of 9.8. The report said, for the poor design of the Open Geospatial Consortium (OGC) Web Feature Service (WFS) and Web Coverage Service (WCS) standards, the published …

Read More »