Monday , December 23 2024

infosecbulletin

India’s central bank fines Visa for unauthorised payment transfer

visa

The Reserve Bank of India fined Visa 24.1 million rupees (nearly $288,000) for using an unauthorized payment transfer system. The central bank made this announcement on Friday (July 26). “It was discovered that the entity (Visa) had implemented a payment authentication solution without regulatory clearance from the RBI,” the central …

Read More »

New DNS Vulnerability “TuDoor” Threatens Internet Security

diagram

A new critical vulnerability in the Domain Name System (DNS) has been found. This vulnerability allows a specialized attack called “TuDoor” that can poison DNS caches, cause denial-of-service (DoS) attacks, and deplete resources, posing a significant threat to internet security. Specialists have conducted experiments that confirm the feasibility of the …

Read More »

Acronis Urged Users to Patch Vulnerability

key

A serious vulnerability, CVE-2023-45249 (CVSS 9.8), has been found in Acronis Cyber Infrastructure (ACI), a widely used software-defined infrastructure solution for cyber protection. The vulnerability is due to the use of default passwords, which could enable remote attackers to run any commands on affected systems, potentially leading to a complete …

Read More »

CISA Unveils advisories for Two Industrial Control Systems

CISA

CISA released two advisories about security issues for Industrial Control Systems (ICS) on July 25, 2024. These advisories offer important information about current vulnerabilities and exploits for ICS. ICSA-24-207-01 Siemens SICAM Products: Successful exploitation of these vulnerabilities could allow an attacker to perform an unauthorized password reset which could lead …

Read More »