TheTeamPhoenix, a non-profit organization, successfully hosted Phoenix Summit 2024, the largest cyber security event in Bangladesh, from May 23-24. This summit aimed to inspire and empower both novices and seasoned enthusiasts, professionals in the field of cyber security and technology. Phoenix Summit 2024 was more than just a conference; it …

CISA warns Apache Flink users about a critical vulnerability. Cybercriminals are exploiting this flaw to compromise systems. Apache Flink is a widely used open-source platform for processing large datasets in real-time analytics, machine learning, and data-intensive applications. Its capability to handle both bounded and unbounded data streams makes it a …

Cisco, a global network solutions leader, has reported a security issue with its Firepower Management Center (FMC) software. This vulnerability, known as CVE-2024-20360, has a CVSS score of 8.8, indicating a high severity level and a risk of widespread exploitation. The vulnerability comes from not checking the input correctly in …

Ivanti on Tuesday declare to patch for several products, including fixes for critical vulnerabilities in Endpoint Manager (EPM). Ivanti resolved six out of the ten security defects resolved in EPM are critical-severity SQL Injection bugs. Tracked as CVE-2024-29822 through CVE-2024-29827, the bugs impact the Core server of Ivanti EPM 2022 …

Companies in Germany are facing a new wave of cyberattacks. The State Criminal Police Office of North Rhine-Westphalia has issued a warning. Cybercriminals are targeting Microsoft 365, particularly email and document management, as a way to launch their attacks. “Unknown perpetrators take over email accounts and then send messages on …

SentinelOne researchers found that the Ikaruz Red Team is targeting the Philippines government using different ransomware builders like LockBit, Vice Society, Clop, and AlphV to carry out “small-scale” attacks. They are also sharing data leaks from various organizations in the Philippines. Ikaruz Red Team (IRT) has been targeting entities in …

The US cybersecurity agency, CISA, added a flaw in NextGen Healthcare’s Mirth Connect product to its catalog of Known Exploited Vulnerabilities (KEV). A vulnerability in the open source product, known as CVE-2023-43208, allows remote code execution without authentication due to a data deserialization problem. A patch was rolled out with …

Bangabandhugrandmaster.com, a website dedicated to Bangabandhu Sheikh Mujibur Rahman’s ideas and life, has suffered a major data breach. The breach happened on May 20, 2024, when a significant amount of user data was exposed. The Bangabandhugrandmaster.com data breach revealed an SQL file with detailed information about 94,000 users. The exposed …

Fluent Bit, a widely used logging utility, has a critical vulnerability. This vulnerability can lead to denial-of-service attacks, information disclosure, and potentially remote code execution (RCE). Tenable, a cybersecurity firm, discovered this vulnerability. Fluent Bit is an open source tool that collects and processes large amounts of log data from …

Hackers target Bangladeshi many WordPress based e-commerce sites for their illegal activities. Getting access they are now offer to sell the taken access on the dark web. But, the alarming issue is that on those post not any specific site name has been mentioned. So, this is really difficult to …