The United States cyber defense agency is creating a new framework to answer a critical question in cybersecurity: How can the trustworthiness of open-source security projects be accurately measured and transparently communicated? The Cybersecurity and Infrastructure Security Agency is working on the second phase of its open-source software security road …
Read More »A Hacker Stole OpenAI Secrets: New York Times
In early 2021, a hacker infiltrated OpenAI’s internal messaging systems and obtained information about the design of the company’s AI technologies. The hacker stole information from an online forum where OpenAI employees discussed their latest technologies. However, the hacker was unable to access the systems where the company stores and …
Read More »BDSec CTF 2024! registration starts
So, get Ready for BDSec CTF 2024! Knight squad call you to mark your calendar for 20 July 2024 at 09:00 PM (Bangladesh Time). This is your chance to showcase your cybersecurity skills and compete with the best minds from around the world. 🌐 Register Now: bdsec-ctf.com 🕒 Date: 20 …
Read More »
CVE-2024-6387
Cisco Confirms OpenSSH regreSSHion Flaw in Multiple Products
Cisco warned about a serious security issue called “regreSSHion” (CVE-2024-6387) that affects the OpenSSH server in some Cisco products and cloud services. This could let unauthorized attackers run their own code on affected systems, possibly taking full control of the system. The following table lists Cisco products that are affected …
Read More »Threat Actors Exploit Microsoft SmartScreen Vulnerability: Cyble
Cyble Analyzes An Active Campaign Exploiting A Microsoft SmartScreen Vulnerability To Deliver Stealers Via Spam Emails. Key findings: * Cyble Research and Intelligence Labs (CRIL) recently came across an active campaign exploiting the Microsoft SmartScreen vulnerability (CVE-2024-21412). * The ongoing campaign targets multiple regions, including Spain, the US, and Australia. …
Read More »RockYou2024: Massive 10-Billion Password Leak
A huge collection of passwords, containing almost ten billion unique passwords, was leaked on a popular hacking forum. The Cybernews research team warns that this leak could seriously endanger users who tend to reuse. Cybernews researchers found the biggest password collection with 9,948,575,739 unique passwords. It was posted as a …
Read More »ISPC first get together held with a festive look
First get together of information security professionals community (ISPC) was held at Dhaka with a festive look with the participation of 70+ professionals from different organizations at Dhaka. At get together, the attendees discussed how can ISPC be well structured for the professionals. Someone proposed to form ISPC a professional …
Read More »
ISACA Dhaka chapter election
Iqbal hossain president, Azad secretary for ISACA Dhaka chapter
Mohammed Iqbal Hossain has been elected as the president of ISACA Dhaka chapter and Md. Abul Kalam Azad has been reelected as secretary. Saturday (6 July) from 4 pm to 6.30 pm, 150+ member cast their vote to elect their candidates for ISACA Dhaka chapter. This year 23 candidates fight …
Read More »Emerging Eldorado ransomware focuses on Windows, VMware ESXi VMs
A new ransomware named Eldorado appeared in March and has locker versions for VMware ESXi and Windows. The gang has claimed 16 victims, mostly in the U.S., in various sectors including real estate, education, healthcare, and manufacturing. Researchers from Group-IB observed the activity of Eldorado. They found that the operators …
Read More »OVHcloud faces record 840 million DDoS Attack Using MikroTik Routers
French cloud computing firm OVHcloud recently handled the largest DDoS attack in terms of packet rate. This attack occurred during a period of increasing intensity in DDoS attacks. According to the cloud provider, packet rate DDoS attacks are very effective because they are harder to stop than attacks with fewer, …
Read More »