Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such as remote code execution and privilege escalation. Applies to the following Sophos product(s) and version(s): Sophos Firewall v21.0 GA and earlier No action is needed for Sophos Firewall customers who …

A time-demanding workshop on “Cybersecurity Awareness and Needs Analysis” was held on Thursday (December 19) at Bangladesh Bank Training Academy Auditorium in Dhaka. This workshop aims to raise awareness of the latest cybersecurity trends and technologies in the financial sector and gather insights on future human resource development. It is …

Kaspersky’s Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient EMS, affecting versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2. Even with available patches, many systems remain unupdated, allowing unauthorized code execution and compromise of networks. According to the report, …

The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they may be linked to cyberattacks and pose a national security risk. TP-Link, which holds a 65% market share in the U.S. for high-speed cable modems, routers, and smart home devices, …

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world. Spend a bit time to read out todays update: Thieves steal $107K+ from University of Central …

CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365 cloud environments. This directive is part of CISA’s effort to reduce risks from cloud misconfigurations and weak security controls that have been targeted in recent cyberattacks. BOD 25-01 introduces Secure …

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach that affected 29 million Facebook accounts. The breach occurred when unauthorized parties exploited user access tokens, exposing sensitive information like names, email addresses, phone numbers, and physical locations, including data …

More than 25,000 SonicWall SSL VPN devices are vulnerable to critical flaws, with 20,000 running outdated SonicOS/OSX firmware that is no longer supported. This analysis by cybersecurity firm Bishop Fox was prompted by key vulnerabilities disclosed this year in SonicWall devices. Ransomware groups, like Fog and Akira, have recently exploited …

Nearly half of the high school’s female students were victimized in AI based deepfake the images and videos. The students and the parents were shocked at the incident while knowing the fact. According to wgal, on November 8, Friday morning students of the school staged a walkout to protest of …

Telecom Namibia experienced a cyber incident that leaked customer data. The company is working with local and international cybersecurity experts to evaluate the situation. CEO Stanley Shanapinda stated that Telecom Namibia will responsibly address the issue and will provide a detailed statement soon. “As cyber incidents have become widespread and …