Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic Server. The flaw tracked as CVE-2024-21182, poses a significant risk to organizations using the server, as it allows an unauthenticated attacker with network access to compromise the targeted system. The …
Read More »Microsoft warn dev urgently to update .NET installer link
Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use ‘azureedge.net’ domains to install .NET components, as the domain will soon be unavailable due to the bankruptcy and imminent shutdown of CDN provider Edgio. Specifically, the domains “dotnetcli.azureedge.net” and “dotnetbuilds.azureedge.net” will be …
Read More »Look back; The Worst Hacks of 2024
In 2024, digital security experienced major breaches as cybercriminals and state-backed groups exploited vulnerabilities for large-scale attacks. These incidents were efficient for attackers but damaging to affected organizations and individuals, threatening their privacy and security. With rising global tensions, 2025 is anticipated to present more cybersecurity challenges. Infosecbulletin highlights the …
Read More »HIPAA to be updated with new cybersecurity regulations, White House
Proposed new cybersecurity rules for healthcare institutions will focus on how they protect user data under HIPAA, as stated by a White House official. Anne Neuberger, deputy national security adviser for cyber and emerging technology, told “The security rule [under HIPAA] was first published in 2003 and it was last …
Read More »New NGate Trojan Drains Bank Accounts via ATMs
Malware analysts at Doctor Web have identified new versions of the NGate banking trojan. This malware steals data from the device’s NFC chip, enabling attackers to withdraw money from victims’ accounts at ATMs without their knowledge. The NGate banker was first noticed by antivirus vendors in autumn 2023 due to …
Read More »CPE Seminar Held at ISACA Dhaka Chapter Office Premises
ISACA Dhaka chapter arranged a Continuing Professional Education (CPE) seminar for the community as its calendar work to develop the professionals. On 28 December, Saturday at ISACA Dhaka office with the participation over 50 participants the seminar draw the attention with the two leading topic on “Leadership & Communication is …
Read More »
Update Immediately
Palo Alto Releases Patch for PAN-OS DoS Flaw
Palo Alto Networks has revealed a high severity vulnerability in PAN-OS software that may lead to a denial-of-service (DoS) issue on affected devices. The vulnerability CVE-2024-3393 (CVSS score: 8.7) affects PAN-OS versions 10.X and 11.X, and Prisma Access with PAN-OS versions 10.2.8 or later and before 11.2.3. It has been …
Read More »Cyberattack Hit Japan Airlines Systems, delaying flights
Japan Airlines reported a cyberattack on Thursday that delayed over 20 domestic flights. The airline managed to stop the attack and restore its systems within hours, and confirmed that flight safety was not affected. JAL reported that a network issue began Thursday morning, affecting both internal and external systems. The …
Read More »Hacker reportedly leak Indonesia Gov.t 82 GB data
Hackers claimed to have accessed and stolen 82 GB of sensitive data from Indonesia’s Regional Financial Management Information System (SIPKD). GBHackers News reported the data breach announced on a hacking forum, exposing sensitive financial, administrative, and personal information, raising significant security and privacy concerns. The stolen data, which includes backups …
Read More »BCSI officially announce National Vulnerability Disclosure Program (NVDP)
Bangladesh Cyber Security Intelligence (BCSI) officially launch the National Vulnerability Disclosure Program (NVDP) to enhance the country’s cybersecurity. This initiative aims to create a secure platform for ethical hackers, researchers, and organizations to work together in identifying and addressing vulnerabilities that threaten government systems, critical infrastructure, and private sector entities. …
Read More »