Friday, November 22, 2024

infosecbulletin

V3B phishing kit targets customers of EU 54 banks

Cybercriminals are using Telegram to advertise a new phishing kit called ‘V3B’. This kit is currently aimed at customers of 54 big financial institutions in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy. The phishing kit costs between $130 and $450 per month. It includes …


Zyxel Releases Patches for Firmware Vulnerabilities


Zyxel has released patches addressing command injection and remote code execution vulnerabilities in two NAS products that have reached end-of-vulnerability-support. Users are advised to install them for optimal protection. Three out of five vulnerabilities could allow an unauthorized attacker to run operating system commands and arbitrary code on affected installations. …


Microsoft India X Account Hacked: Media reported


With over 211,000 followers, the official Microsoft India account on Twitter was hijacked by cryptocurrency scammers impersonating Roaring Kitty. This account has a gold check mark as an officially verified organization. The threat actors take advantage of Gill’s recent comeback to lure potential victims and infect them with cryptocurrency wallet …


CISA Adds ORACLE WEBLOGIC SERVER FLAW TO ITS KEV


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added an Oracle WebLogic Server flaw to the Known Exploited Vulnerabilities (KEV) catalog. CVE-2017-3506 is an operating system (OS) command injection vulnerability which could be exploited to obtain unauthorized access as well as full control. “Oracle WebLogic Server, a product within the …


A Plan to Protect Critical Infrastructure from 21st Century Threats


On April 30th, the White House released National Security Memorandum-22 (NSM) on Critical Infrastructure Security and Resilience to update national policy on protecting and securing critical infrastructure from cyber and all-hazard threats. The memorandum recognizes the changed risk landscape and aims to collaborate with partners to identify and reduce sector, …


Navigating the Cyber Threat Landscape – Digital bank, Bangladesh perspective


Digital banking has played a pivotal role in expanding financial access for millions in Bangladesh, showcasing technology’s capacity to uplift lives and create opportunities. The nation’s high mobile penetration rate and the widespread adoption of Mobile Financial Services (MFS) like bKash and Nagad have empowered millions, especially in rural areas, …


ALERT
NGINX Releases Security Updates: HTTP/3 Vulnerabilities Patched


The NGINX team released important updates for their web server software and is advising users to upgrade as soon as possible. The updates fix four important vulnerabilities in the HTTP/3 implementation, especially affecting configurations using the “ngx_http_v3_module.” CVE-2024-32760: A vulnerability in NGINX Plus or NGINX OSS causes HTTP/3 QUIC module to …


CISA Releases Seven Industrial Control Systems Advisories


On May 30, 2024, CISA published seven advisories about Industrial Control Systems (ICS). These advisories share important information regarding security issues, vulnerabilities, and exploits related to ICS. ICSA-24-151-01 LenelS2 NetBox ICSA-24-151-02 Fuji Electric Monitouch V-SFT ICSA-24-151-03 Inosoft VisiWin ICSA-24-151-04 Westermo EDW-100 ICSA-22-356-03 Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC …
