A new ransomware named Eldorado appeared in March and has locker versions for VMware ESXi and Windows. The gang has claimed 16 victims, mostly in the U.S., in various sectors including real estate, education, healthcare, and manufacturing. Researchers from Group-IB observed the activity of Eldorado. They found that the operators …

French cloud computing firm OVHcloud recently handled the largest DDoS attack in terms of packet rate. This attack occurred during a period of increasing intensity in DDoS attacks. According to the cloud provider, packet rate DDoS attacks are very effective because they are harder to stop than attacks with fewer, …

The web development community was affected by a supply chain attack on the popular Polyfill.io JavaScript library last week. Polyfill.js supports modern tools on older web browsers for cross-compatibility. In February 2024, the Polyfill.io domain and GitHub account were acquired by Funnull, a Chinese CDN company. This raised concerns about …

Apache Software Foundation released Apache HTTP Server version 2.4.61 to fix a serious source code disclosure vulnerability (CVE-2024-39884). This flaw could expose sensitive server information to malicious actors. The CVE-2024-39884 vulnerability is caused by a problem in how old content-type configurations are managed. The “AddType” directive and similar settings, when …

Microsoft’s cybersecurity team found two major vulnerabilities in Rockwell Automation’s PanelView Plus, a widely used human-machine interface in industrial settings. There are two vulnerabilities, CVE-2023-2071 and CVE-2023-29464, that can be used by attackers without authentication. They can use these vulnerabilities for remote code execution (RCE) and denial-of-service (DoS) attacks. The …

Cybersecurity experts found 28 new types of ransomware in June. These malicious programs are a big threat to individuals and businesses. Cybercriminals are improving their tactics with each new variant, making it harder to detect and stop them. Ransomware encrypts important data, making it impossible for users to access. Afterward, …

ISACA Dhaka Chapter election is going to be held on Saturday (6 July) 2024. This year 23 candidates will fight each other for 13 posts. Dr. Ijazul Haque and Mohammed Iqbal Hossain will fight each other for the post of president on the other hand S M Mizanur Rahman and …

Google launched a new bug bounty program called kvmCTF to enhance the security of its Kernel-based Virtual Machine (KVM) hypervisor. This program offers up to $250,000 as a reward to security researchers who successfully achieve a full virtual machine (VM) escape exploit. KVM, an open-source hypervisor, is important in consumer …

The Brain Cipher ransomware group to release the decryption keys for Indonesia Terkoneksi on Wednesday. They said their attack aims to highlight the need for funding the industry and hiring skilled experts. They clarified that the attack is not politically motivated, but rather a penetration test that requires payment afterwards. …

“A critical vulnerability has been identified in the Google Authentication mechanism of the application. By manipulating the ID and email parameters in the authentication request, an attacker can obtain an access token for any user. This allows the attacker to take over any account without any user interaction, leading to …