Tuesday , April 1 2025

infosecbulletin

Cyberattack Disrupts Israel’s Gas and Payment Systems

payment

A cyberattack on an Israeli clearing company on Sunday left some people unable to use their credit cards for shopping for several hours. According to Times of Israel, The incident occurred less than two weeks after a similar attack briefly disrupted another credit services company. In Sunday’s incident, a DDoS …

Read More »

Russia blocks thousands websites using Cloudflare’s privacy service

typist

Russia’s media censor, Roskomnadzor, has blocked thousands of local websites using Cloudflare’s encryption feature that enhances online privacy and security. Local media reports indicate that several websites were blocked overnight on October 6. These sites use Cloudflare’s Encrypted Client Hello (ECH) feature, which enhances user privacy by making it harder …

Read More »

Hacker to sale Indian Gov.t email credentials

flowchart

Advertisement for selling the credentials of allegedly belonging to Indian government emails surfaced on the dark web marketplace. A hacker on a private forum claims that purchasing access to these government email accounts can make anyone willing to pay a few thousand rupees “become” a government officer. The forum post …

Read More »

Cyberattacks increase 105% in third quarter of 2024 in Bangladesh

cyber attack

Bangladesh faced a 105% rise in cyber incidents from the second to the third quarter of 2024, making it one of the countries with the fastest increase in cyberattacks. It ranks second after Japan (108%) and is closely followed by France (130%), underscoring significant cybersecurity challenges. The “Quarterly Threat Intelligence …

Read More »

Developers alert: Malicious ‘fabrice’ Package Steals AWS Credentials

python

The Socket Research Team has discovered a malicious package named “fabrice,” pretending to be the legitimate fabric SSH automation library. Since its introduction on PyPI in 2021, fabrice has been stealing AWS credentials from users who mistakenly installed it. With over 37,000 downloads, this incident underscores ongoing risks of malware …

Read More »

CISA alerts active exploitation of Palo Alto networks vuln

paloalto

CISA has added a patched critical security flaw in Palo Alto Networks Expedition to its Known Exploited Vulnerabilities catalog due to signs of active exploitation. The vulnerability CVE-2024-5910 (CVSS score: 9.3) involves missing authentication in the Expedition migration tool, potentially allowing an admin account takeover. “Palo Alto Expedition contains a …

Read More »

Critical bug in Cisco UWRB access points to run commands as root

cisco

Cisco has fixed a critical vulnerability, CVE-2024-20418, that allowed unauthenticated remote attackers to gain root access on Ultra-Reliable Wireless Backhaul (URWB) access points used in industrial wireless automation. The vulnerability is found in the web management interface of Cisco Unified Industrial Wireless Software for URWB Access Points. The vulnerability lets …

Read More »

“ToxicPanda” banking trojan from Asia hit Europe and LATAM

Icon

In late October 2024, Cleafy’s Threat Intelligence team noticed a surge in a new Android malware known as TgToxic. However, deeper analysis showed that, despite some similarities to TgToxic commands, the code is quite different. Many typical TgToxic features are missing, and some commands are just placeholders. Consequently, the team …

Read More »

(CVE–2023-46747)
Hacker exploit Critical F5 BIG -IP Vulnerability in Bangladesh: CIRT report

F5

Cyber Threat Intelligence Unit of BGD e-GOV CIRT found evidence of compromise linked to the vulnerability in F5 BIG-IP systems used in Bangladesh’s IT infrastructure. Investigators discovered that attackers gained shell access to the system and tried to sell this unauthorized access on the dark web. On October 30, one …

Read More »

APT36 to attack Windows Systems Absuing Google Drive & Slack

rat

ElizaRAT is malware that mainly targets Windows systems and acts as a remote access tool (RAT), allowing attackers to access infected devices without permission. This malware is often distributed through phishing campaigns or malicious downloads. CheckPoint researchers found that APT36 (aka “Transparent Tribe”) is a Pakistan-based APT group, hackers are …

Read More »