Apache Software Foundation released Apache HTTP Server version 2.4.61 to fix a serious source code disclosure vulnerability (CVE-2024-39884). This flaw could expose sensitive server information to malicious actors. The CVE-2024-39884 vulnerability is caused by a problem in how old content-type configurations are managed. The “AddType” directive and similar settings, when …

Microsoft’s cybersecurity team found two major vulnerabilities in Rockwell Automation’s PanelView Plus, a widely used human-machine interface in industrial settings. There are two vulnerabilities, CVE-2023-2071 and CVE-2023-29464, that can be used by attackers without authentication. They can use these vulnerabilities for remote code execution (RCE) and denial-of-service (DoS) attacks. The …

Cybersecurity experts found 28 new types of ransomware in June. These malicious programs are a big threat to individuals and businesses. Cybercriminals are improving their tactics with each new variant, making it harder to detect and stop them. Ransomware encrypts important data, making it impossible for users to access. Afterward, …

ISACA Dhaka Chapter election is going to be held on Saturday (6 July) 2024. This year 23 candidates will fight each other for 13 posts. Dr. Ijazul Haque and Mohammed Iqbal Hossain will fight each other for the post of president on the other hand S M Mizanur Rahman and …

Google launched a new bug bounty program called kvmCTF to enhance the security of its Kernel-based Virtual Machine (KVM) hypervisor. This program offers up to $250,000 as a reward to security researchers who successfully achieve a full virtual machine (VM) escape exploit. KVM, an open-source hypervisor, is important in consumer …

The Brain Cipher ransomware group to release the decryption keys for Indonesia Terkoneksi on Wednesday. They said their attack aims to highlight the need for funding the industry and hiring skilled experts. They clarified that the attack is not politically motivated, but rather a penetration test that requires payment afterwards. …

“A critical vulnerability has been identified in the Google Authentication mechanism of the application. By manipulating the ID and email parameters in the authentication request, an attacker can obtain an access token for any user. This allows the attacker to take over any account without any user interaction, leading to …

The Apache Software Foundation has found multiple security issues in the widely used Apache HTTP Server. These vulnerabilities could lead to denial-of-service attacks, remote code execution, and unauthorized access, putting many websites at risk of cyberattacks. CVE-2024-36387 to CVE-2024-39573 are vulnerabilities in Apache HTTP Server’s components like mod_proxy, mod_rewrite, and …

An executive from National Australia Bank reveals that the four major banks in the country face continuous attacks, as threat actors launch numerous attacks every minute, around the clock. According to Chris Sheehan, National Australia Bank’s executive for group investigations, all banks are constantly being targeted by attacks. The purpose …

There is a security flaw (CVE-2024-20399) in Cisco NX-OS Software that lets an attacker with local access execute commands as root on the affected device. The vulnerability is caused by not properly checking the arguments used in certain configuration CLI commands. An attacker can take advantage of this vulnerability by …