IBM revealed several critical vulnerabilities in its Security Verify Access Appliance, which could pose serious security risks to users identified as (CVE-2024-49803, CVE-2024-49804, CVE-2024-49805, CVE-2024-49806). These vulnerabilities affect versions 10.0.0 – 10.0.8 IF1. CVE-2024-49803 is a critical vulnerability with a CVSS score of 9.8. IBM cybersecurity researchers found that this …
Read More »
Cybersecurity researchers are alerting users about phishing email campaigns using a toolkit called “Rockstar 2FA” to steal Microsoft 365 account credentials. These campaigns use advanced techniques to create fake landing pages resembling real Microsoft 365 login pages. Their main goal is to steal user credentials, targeting Microsoft accounts. This campaign …
Read More »
A workshop on “DDoS use cases & solutions for government & BFSI” held at Bangladesh computer society premises on Saturday (30.11.24) where about 100 participants attended. Bangladesh computer society is regarded as the leading professional and learned society in the field of computers and information systems in Bangladesh. BCS said, it …
Read More »
Uganda’s finance ministry confirmed media reports that hackers breached the central bank’s systems and stole money, but refuted the claims to steal the money as much as $17 million. Uganda’s Minister of State for Finance, Henry Musasizi, addressed media reports alleging that a Southeast Asian hacker group hacked the Bank …
Read More »
CERT Germany and Zyxel have alerted about a serious vulnerability in Zyxel firewalls, identified as CVE-2024-11667. This flaw is being exploited to spread Helldown ransomware, with reports of at least five affected organizations in Germany. CVE-2024-11667 is a directory traversal vulnerability in Zyxel’s ZLD firmware versions 5.00 to 5.38. Exploiting …
Read More »
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world. Spend a bit time to read out todays update: Hackers steal millions of dollars from Alabama …
Read More »
CERT-In has flagged a security vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) software, identified as CVE-2024-21287 and cataloged as CIVN-2024-0350. This high-risk threat was detected on November 26, 2024. CVE-2024-21287 affects Oracle Agile PLM Framework version 9.3.6, which is commonly used by organizations for managing product lifecycles and enhancing …
Read More »
On November 26th, Microsoft patched four vulnerabilities detected in Dynamics 365 Sales, the Partner.Microsoft.Com portal, Microsoft Copilot Studio and Azure PolicyWatch. Microsoft Copilot Studio, a platform for developers to create AI agents and speed up coding with automation, had a critical vulnerability rated 9.3 out of 10 (CVE-2024-49038). Microsoft has …
Read More »
SL Data Services/Propertyrec, an information research provider exposes a non-password-protected database containing more than 600K records according to the security researcher Jeremiah Fowler. The dataset contains over 713 GB records including vehicle records, property ownership reports and court records. Jeremiah Fowler said, around 95% of the limited sample of documents …
Read More »
Cloudflare suffered an incident roughly 3.5 hours On November 14, 2024 impacting the majority of customers using Cloudflare Logs. Cloudflare lost about 55% of the logs normally send to customers were not sent and were lost on that incident. Log services are crucial for network operations, helping businesses analyze traffic, …
Read More »
InfoSecBulletin Cybersecurity for mankind
