A CTF contest is going to be organized at Bangladesh Computer Society (BCS). The registration process is automatically started for the contest. The contest will be on cryptography, reverse engineering, forensics, web, binary exploitation, PWN, OSINT, Networking and steganography. Contest module: • 24 hours training ( 3 days) • Every Saturday …
Read More »NIST unveils new password guidelines 2024: 11 rules to follow
The National Institute of Standards and Technology (NIST) has issued new guidelines for password security, representing a major change from standard practices. These new recommendations, outlined in NIST Special Publication 800-63B, aim to enhance cybersecurity while improving user experience. NIST has changed its approach to password complexity. Instead of requiring …
Read More »Meta fined $101 million for storing passwords in plaintext
Meta was fined over $100 million by the EU privacy regulator on Friday due to a security issue with Facebook users’ passwords. The Irish Data Protection Commission fined the U.S. tech company 91 million euros ($101.6 million) after an investigation. The watchdog opened an investigation in 2019 after Meta reported …
Read More »Microsoft warns Storm-0501 targets hybrid cloud environments
Microsoft cybersecurity researchers found that the “Storm-0501” ransomware group is targeting hybrid cloud environments. Storm-0501 Attacking Cloud Environments: Storm-0501 is a ‘financially motivated’ threat group that has launched a sophisticated ‘multi-stage attack’ targeting “hybrid cloud environments” across various ‘U.S. sectors’ and ‘critical infrastructure.’ The group exploited vulnerabilities in Zoho ManageEngine, …
Read More »RCE flaw impacts all GNU/Linux System: Details Revealed
Simone Margaritelli has discovered a serious remote code execution (RCE) vulnerability in the Common Unix Printing System (CUPS), impacting all GNU/Linux systems. Simone Margaritelli has revealed technical details about the unauthenticated RCE flaw affecting all GNU/Linux systems, which he previously reported. The flaw, comprising four CVEs (CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177), …
Read More »Octo2: European Banks Already Under Attack by New Malware varient
Cybersecurity researchers at ThreatFabric have identified a new and more dangerous variant of the Octo banking malware, called “Octo2.” This evolved version of ExobotCompact is already targeting European financial institutions, with attacks reported in Italy, Poland, Moldova, and Hungary. Octo2 features improved remote access and advanced anti-detection methods, making it …
Read More »CISA Releases Guideline mitigating Active Directory compromise
To improve cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) has partnered with international agencies to release a guide on detecting and addressing Active Directory compromises. This guidance, from the ASD, NSA, CCCS, NCSC-NZ, and NCSC-UK, informs organizations about common techniques used by cybercriminals to target Microsoft Active Directory. Active …
Read More »G7 cyber group warns to prep for quantum computing risks
An intergovernmental group urged the financial sector on Wednesday to prepare for potential threats from advancements in quantum computing. The G7 Cyber Expert Group, led by the U.S. Department of Treasury and the Bank of England, advised G7 finance ministers and central bank governors to evaluate the risks of quantum …
Read More »
Cloudflare report
India linked hacker to target Bangladeshi Gov.t and law agency
A threat actor likely operating out of India is relying on various cloud services to conduct cyberattacks against energy, defense, government, telecommunications, and technology entities of Bangladesh, Cloudflare reports. Tracked as SloppyLemming, this group is linked to Outrider Tiger, a threat actor associated with India, previously Crowdstrike said, that uses …
Read More »India launches first Al-powered network solution for spam detection
India’s Bharti Airtel has launched India’s first AI-powered solution that detects spam calls and messages, alerting customers in real-time. The free service automatically activates for all users, detecting millions of spam messages daily to improve customer security. Airtel announces a free tool that will automatically alert customers in real-time about …
Read More »