Tuesday, April 1 2025

infosecbulletin

CVE-2024-9474
Researcher unveils sophisticated backdoor in Palo Alto Networks firewalls


Northwave Cyber Security has found a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls. A Northwave researcher said the backdoor was found during a forensic investigation of a compromised Palo Alto Networks device. Attackers exploited a recently disclosed vulnerability (CVE-2024-9474) to enter the system and deploy a malicious script called bwmupdate, …


New G-Door Vulnerability Allows Hackers to Bypass Microsoft 365 Security With Google Docs


A newly discovered vulnerability called “G-Door” enables malicious actors to bypass Microsoft 365 security by exploiting unmanaged Google Docs accounts. This flaw poses a serious threat to organizations using Microsoft 365’s Conditional Access policies. The G-Door vulnerability stems from the ability to create personal or workspace Google accounts using a …


CVE-2024-53961
Adobe warns of critical ColdFusion bug with PoC exploit available


Adobe has issued urgent security updates for ColdFusion versions 2023 and 2021 to fix a critical vulnerability (CVE-2024-53961). This flaw allows attackers to read arbitrary files from the system, risking exposure of sensitive data and configuration files. It results from improper path limitations, enabling unauthorized access outside the intended directory. …


Splunk targets Bangladeshi market: Investing in local talent


Splunk, a unified security and observability platform, is turning its focus to the Bangladeshi market. On Monday (23 December), Splunk’s local partner, “Aspire Tech Services and Solutions Ltd”, arranged a day-long bootcamp that aims to provide comprehensive hands-on training for participants in order to familiarize them with the platform’s features, capabilities, and …


Critical PHP Zero-Day Vulnerability Found in Craft CMS Allows RCE


A major security flaw in Craft CMS, a popular PHP content management system, has been found, enabling unauthenticated remote code execution (RCE) with default settings. The vulnerability, CVE-2024-56145, was reported by security researchers and patched by the Craft CMS team within 24 hours. PHP has improved over the years …


For US$2.6bn, Mastercard acquires threat intelligence firm Recorded Future


Mastercard has completed its acquisition of Recorded Future, an AI-based threat intelligence provider. Mastercard has acquired the company for $2.65 billion to strengthen its security in the digital payments ecosystem. Mastercard operates in over 200 countries, leading global efforts to enable digital economies for individuals, businesses, and governments. Mastercard provides …


Eight New ICS Advisories released by CISA


CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in different industries, risking service disruptions, unauthorized access, and malicious code execution. ICSA-24-354-01 Hitachi Energy RTU500 series CMU; ICSA-24-354-02 Hitachi Energy SDM600; ICSA-24-354-03 Delta Electronics DTM Soft; ICSA-24-354-04 Siemens User Management …


Authority Denies
Hacker claims ransomware attack on Indonesia’s state bank BRI

Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure and that normal transactions continue uninterrupted, despite rumors of a ransomware attack on social media. On Wednesday evening, BRI’s Director of Digital and IT, Arga M. Nugraha, confirmed via Instagram …


London-based company “Builder.ai” reportedly exposed 1.2 TB data


Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million records from Builder.ai, a London company that provides AI software and app development solutions without requiring coding skills. Jeremiah Fowler claimed the unsecured database contained 3,077,542 records, totaling 1.29 TB. …


(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall


Sophos has fixed three separate security vulnerabilities in Sophos Firewall. The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such as remote code execution and privilege escalation. Applies to the following Sophos product(s) and version(s): Sophos Firewall v21.0 GA and earlier. No action is needed for Sophos Firewall customers who …
