A high-severity zero-day vulnerability has been found affecting Office 2016 and later. Microsoft is currently working on a patch to fix this issue. The vulnerability, known as CVE-2024-38200, could let unauthorized people access protected data like system status, configuration data, personal information, or connection metadata. This zero-day affects different 32-bit …
Read More »0.0.0.0 Day: Exploiting Localhost APIs From the Browser
A recent study found a vulnerability in major internet browsers that has existed for 18 years. This vulnerability makes private and corporate networks open to cyberattacks. Researchers from Oligo Security discovered that hackers can take advantage of how browsers handle requests to the IP address 0.0.0.0 by redirecting them to …
Read More »CISA, FBI released joint advisory for Blacksuit ransomware
The FBI and CISA updated their advisory to confirm that the Royal ransomware group now goes by the name “BlackSuit” and still demands very high ransom amounts, up to $60 million. The advisory has new technical information to help defenders detect the activity of the group, known as Royal ransomware …
Read More »DATA CENTER ALERT: AMD Patches Security Flaws in EPYC Processors
AMD has released a security bulletin about three possible vulnerabilities in its Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) technology. A researcher found vulnerabilities that could let a malicious hypervisor controlled by the host system access or modify the memory of a guest VM. This poses big risks to …
Read More »Researchers detect 30 new ransomware in July
Cybersecurity experts found 30 new types of ransomware in July. These harmful programs are a big threat to people and businesses. Each new variant makes it harder to detect and stop them. Ransomware works by locking important data on infected computers and then asking for a lot of money in …
Read More »CrowdStrike publish Root Cause of Global System Outages
CrowdStrike, a cybersecurity company, has released its analysis on the Falcon Sensor software update crash that affected millions of Windows devices worldwide. The “Channel File 291” incident was traced back to a content validation issue. This issue came up when a new Template Type was introduced. The purpose of this …
Read More »Microsoft 365 anti-phishing protection can be bypassed with CSS
Researchers found a way to get around a security measure in Microsoft 365, making it more likely for users to open harmful emails. Outlook has a hidden anti-phishing measure called the ‘First Contact Safety Tip.’ It warns recipients when they receive an email from an unfamiliar address. Outlook displays an …
Read More »Interim government to decide on resignation of top officials: Bangladesh Bank
In the changed reality, Bangladesh Bank employees demanded the resignation of the top officials of the bank, the interim government will decide. These persons were appointed on contractual basis by the recently resigned government. As a result, any new government will have to decide about them. Apart from this, Bangladesh …
Read More »Bangladesh Bank Deputy Governor resigned
Bangladesh Bank Deputy Governor Kazi Saidur Rahman resigned on the second day of opening office after the fall of the Sheikh Hasina government. On Wednesday (August 7) he resigned handing over the responsibility to Executive Director-1. Kazi Saidur Rahman became the Deputy Governor of Bangladesh Bank on 22 November 2020. …
Read More »Google says new Android Zero-day vulnerability was exploited
Google has patched a “high-severity” vulnerability that may be “under limited, targeted exploitation” in Android devices. Google issued an advisory stating that the bug, known as CVE-2024-36971, affects the Linux kernel. This kernel is a crucial part of an operating system, connecting the software to the computer’s hardware. According to …
Read More »