Microsoft has released updates for 49 security vulnerabilities in its Patch Tuesday update for June. One of the fixes addresses a critical bug in Microsoft Message Queuing (MSMQ) technology that could allow remote code execution (RCE) and server takeover. The number of bugs in each vulnerability category is listed below: …
Read More »Hackers breached 20,000 FortiGate systems worldwide: MIVD
The Dutch military security service MIVD recently revealed that a cyber espionage campaign, which was initially mentioned in February, managed to gain access to around 20,000 Fortigate-secured systems between 2022 and 2023. It is now believed that this campaign “appears to be much more extensive than previously known”. The Nationaal Cyber Security …
Read More »Riskiest Connected Devices in 2024: Forescout Report
By 2028, there will be over 25 billion Internet of Things (IoT) devices. Attackers are increasingly targeting various devices, operating systems, and firmware to gain access. Forescout Technologies, a cybersecurity leader, has released a report called “The Riskiest Connected Devices in 2024.” The report is based on data from 19 million …
Read More »Ransomware tracker: The latest statistics (June 2024)
Ransomware groups claimed the highest number of attacks in May, but experts believe the claims might be exaggerated. Last month, ransomware gangs posted 450 victims to their extortion sites, which is an increase compared to the 328 victims in April. The highest number of attacks ever recorded was 484, posted …
Read More »Singapore-Based Absolute Telecom Allegedly Hit by Cyberattack
GhostR hacker claimed to hack Absolute Telecom PTE Ltd, a Singapore-based telecom company and stole 34 gigabytes of data including corporate information, accounting records, sales data, customer details, credit card information, and call records. In a post the bad actor claimed they infiltrated and compromised the company’s server networks on …
Read More »Bangladeshi online marketplace faced massive data leak
Bangladeshi online market place Travela.xyz for homestays and experiences, suffered a major data breach on June 9, 2024. The leaked information, found on a dark web hacking forum, exposed the personal data of the company’s hosts. The leaked data, which includes user information such as Host ID, First Name, Last …
Read More »SSRF Vulnerability Patched in Bitdefender GravityZone Console On-Premise
Bitdefender fixed a serious vulnerability (CVE-2024-4177, CVSS 8.1) in its GravityZone Console On-Premise product. This flaw, found by security researcher Nicolas Verdier (n1nj4sec), could enable attackers to carry out server-side request forgery (SSRF) attacks, possibly resulting in unauthorized access and data breaches. GravityZone Console is a security management platform by …
Read More »New York Times source code compromised using exposed GitHub token
The New York Times’ internal source code and data were leaked on the 4chan message board. The new work times confirmed to Bleeping Computer that they were stolen from the company’s GitHub repositories in January 2024. An anonymous user leaked internal data on Thursday. They posted a torrent containing a …
Read More »Bangladeshi “SuSastho.AI” for clinically validated answers
In Bangladesh, adolescent sexual and reproductive health, rights, and mental health (SRMH) issues are some of the major challenges due to societal taboos & stigma. To address these challenges, CMED Health has developed a Generative Artificial Intelligence (AI) engine called “SuSastho.AI” to make healthcare accessible at one’s fingertips. CMED Health …
Read More »Hacker offers 900GB of stolen data from Thai Telecom Firm
The cybercriminal “kiberphant0m” offer to sell an Asian telecom company data over 900GB on the underground forum called ‘xssforums’. The hacker offer to sell full root access and other administrative login credentials. Cloudsek reported, “The breach reportedly involves a telecom provider based in Thailand, marking the third successful attack by …
Read More »