Tuesday , December 24 2024

infosecbulletin

Microsoft discloses an unpatched Office zero-day

Microsoft

A high-severity zero-day vulnerability has been found affecting Office 2016 and later. Microsoft is currently working on a patch to fix this issue. The vulnerability, known as CVE-2024-38200, could let unauthorized people access protected data like system status, configuration data, personal information, or connection metadata. This zero-day affects different 32-bit …

Read More »

0.0.0.0 Day: Exploiting Localhost APIs From the Browser

0000 day

A recent study found a vulnerability in major internet browsers that has existed for 18 years. This vulnerability makes private and corporate networks open to cyberattacks. Researchers from Oligo Security discovered that hackers can take advantage of how browsers handle requests to the IP address 0.0.0.0 by redirecting them to …

Read More »

Interim government to decide on resignation of top officials: Bangladesh Bank

bd bank

In the changed reality, Bangladesh Bank employees demanded the resignation of the top officials of the bank, the interim government will decide. These persons were appointed on contractual basis by the recently resigned government. As a result, any new government will have to decide about them. Apart from this, Bangladesh …

Read More »

Google says new Android Zero-day vulnerability was exploited

google

Google has patched a “high-severity” vulnerability that may be “under limited, targeted exploitation” in Android devices. Google issued an advisory stating that the bug, known as CVE-2024-36971, affects the Linux kernel. This kernel is a crucial part of an operating system, connecting the software to the computer’s hardware. According to …

Read More »