Bangladesh Bank has published the “Guidelines on Licensing, Operation, and Regulation of Credit Bureau”. This policy is being created to comply with Article 82 of the Bangladesh Bank Order, 1972. It aims to incorporate modern technologies such as Artificial Intelligence and Machine Learning in credit risk assessment. This will …

A big data breach was found with a combolist containing 122GB of data containing 361 million unique email addresses taken from thousands of Telegram channels. The dataset contains passwords and websites linked to them. It reveals a lot of new data that has been added to the breach alert service …

Cybercriminals are using Telegram to advertise a new phishing kit called ‘V3B’. This kit is currently aimed at customers of 54 big financial institutions in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy.   The phishing kit costs between $130 and $450 per month. It includes …

Zyxel has released patches addressing command injection and remote code execution vulnerabilities in two NAS products that have reached end-of-vulnerability-support. Users are advised to install them for optimal protection. Three out of five vulnerabilities could allow an unauthorized attacker to run operating system commands and arbitrary code on affected installations. …

With over 211,000 followers, the official Microsoft India account on Twitter was hijacked by cryptocurrency scammers impersonating Roaring Kitty. This account has a gold check mark as an officially verified organization. The threat actors take advantage of Gill’s recent comeback to lure potential victims and infect them with cryptocurrency wallet …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog. CVE-2017-3506 is an operating system (OS) command injection vulnerability which could be exploited to obtain unauthorized access as well as the full control. “Oracle WebLogic Server, a product within the …

On April 30th, the White House released National Security Memorandum-22 (NSM) on Critical Infrastructure Security and Resilience to update national policy on protecting and securing critical infrastructure from cyber and all-hazard threats. The memorandum recognizes the changed risk landscape and aims to collaborate with partners to identify and reduce sector, …

Kaspersky has launched a new virus removal tool called KVRT for Linux, which allows users to scan and remove malware and known threats for free. Linux systems are often thought to be secure, but a security firm has shown that this is not always the case. They have discovered several …

Over 600,000 small office/home office (SOHO) routers were disabled in a cyber attack, cutting off users’ internet access. Security analysts at Lumen Technologies’ Black Lotus Labs discovered and reported on an attack in a recent blog post. There was a mysterious event in the U.S. that happened from October 25 …