A vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw is identified as FG-23-225 which allows attackers to spoof IP addresses and bypass security controls by sending specially crafted packets. According to the advisory published by Fortinet, An insufficient verification of data authenticity vulnerability [CWE-345] in …
Read More »
According to the Threatmon advanced threat monitoring platform, LockBit is in the top position in the category of top active group and in the list Qilin, Play are are the 2nd and third accordingly. Top Actives Groups – #LockBit 124 – #Qilin 16 – #Play 13 – #BlackSuit 10 – …
Read More »
On Tuesday (May 14), CISA released four Industrial Control Systems (ICS) advisories which provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-135-01 Rockwell Automation FactoryTalk Remote Access ICSA-24-135-02 SUBNET PowerSYSTEM Center ICSA-24-135-03 Johnson Controls Software House C-CURE 9000 ICSA-24-135-04 Mitsubishi Electric Multiple FA Engineering Software Products …
Read More »
Microsoft patched May 2024 Tuesday including updates for 61 flaws and three publicly disclosed zero days. This update fixed Microsoft SharePoint Server Remote Code Execution Vulnerability. Category wise vulnerabilities are listed below: 17 Elevation of Privilege Vulnerabilities 2 Security Feature Bypass Vulnerabilities 27 Remote Code Execution Vulnerabilities 7 Information Disclosure …
Read More »
On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely fake. Prior to that, an Indian media reported about the reserve theft from Bangladesh Bank. After the publication of the report a wide discussion started on the social media. Majbaul …
Read More »
The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and the aim for sustainability have advanced the industry to grow with a faster pace and in a well- structured manner. The industry has undergone many changes on providing the services …
Read More »
Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its active exploitation in the wild decreased to just 4.76 days a 43% reduction compared to the 1st half of the year. Fortinet’s 2H Global landscape report indicate that hackers to …
Read More »
Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found about 50 “gov.in” website links from Indian states like Bihar, Goa, Karnataka, Kerala, Mizoram, and Telangana that were sending visitors to online betting sites. Some of these websites belong to …
Read More »
Ransomware damage costs are predicted to exceed $265 billion by 2031, and it is expected to be the fastest growing type of cybercrime, affecting a business, consumer, or device every 2 seconds by that year, according to Cybersecurity Ventures. A report from Cybersecurity Ventures predicted that ransomware damages would increase …
Read More »
CISA, FBI, HHS, and MS-ISAC released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. It provides tactics, techniques, procedures, and indicators of compromise used by Black Basta ransomware affiliates, identified through FBI investigations and third-party reporting. Black Basta is a type of ransomware called ransomware-as-a-service (RaaS). It was discovered in …
Read More »
InfoSecBulletin Cybersecurity for mankind
