Oasis Security discovered a flaw in Microsoft’s Multi-Factor Authentication (MFA) system, allowing attackers to bypass it and access user accounts, including Outlook, OneDrive, Teams, and Azure. With over 400 million Office 365 users, the impact of this vulnerability could be significant. Research team claim, “The bypass was simple: it took …
Read More »
Dr. Md. Yunus, the chief advisor to the interim government of Bangladesh, is the victim of propaganda using artificial intelligence. A Deepfakes video of him has been seen on social media for the past few days where he is heard saying on the gambling site, “I have decided to create …
Read More »
Facebook, Instagram and threads are experiencing technical issues, causing temporary disruptions worldwide. Many users are having trouble messaging, and Meta has not yet commented on the cause of the outage. Around 11:30 pm on Wednesday, many users experienced login issues with the web version of WhatsApp, receiving a ‘service not …
Read More »
A federal court in Hammond, Indiana, has unsealed an indictment against Guan Tianfeng, a Chinese citizen, for allegedly hacking firewall devices globally in 2020. Guan and his co-conspirators, employed by Sichuan Silence Information Technology Co. Ltd., targeted a previously unknown vulnerability (an “0-day” vulnerability) in firewalls produced by U.K.-based Sophos …
Read More »
Thousands of AWS customers had terabytes of sensitive data, including personal details, AWS credentials, and proprietary code, compromised in a cyber attack linked to the ShinyHunters hacking group. They gained access to sensitive information through poorly set up systems, resulting in over 2 TB of compromised data. Cybersecurity researchers Noam …
Read More »
Microsoft published December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday fixed sixteen critical vulnerabilities, all of which are remote code execution flaws. The number of bugs in each vulnerability category is listed below: 27 Elevation of Privilege Vulnerabilities3 …
Read More »
CISA has released a bulletin that lists over 270 Critical vulnerabilities discovered in various software and hardware in the past week. These vulnerabilities impact popular apps, operating systems, IoT devices, and development frameworks, creating significant risks if not fixed. Vulnerabilities have been categorized using the Common Vulnerability Scoring System (CVSS). …
Read More »
India has experienced a 138% rise in cyberattacks on government bodies from 2019 to 2023. This increase has prompted a response from the government, detailed in a recent report to the Rajya Sabha. From 2019 to 2023, cyberattacks on Indian government entities surged from 85,797 to 204,844, indicating a significant …
Read More »
Google has made a quantum computing chip that can finish tasks in five minutes, which would take conventional computers 10 undecillion (10,000,000,000,000,000,000,000,000 years) to complete. That’s 10 septillion years, a number much larger than the age of our universe, leading scientists behind a recent quantum computing breakthrough to describe it …
Read More »
Google has announced Vanir, an open-source tool for detecting and fixing security vulnerabilities, publicly available for developers. Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together …
Read More »
InfoSecBulletin Cybersecurity for mankind
