Researchers found multiple vulnerabilities in various applications and system components on Xiaomi devices. “The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system privileges, [and] disclosure of phone, settings and Xiaomi account data,” The Hacker News report reads. …

New information about the Lockbit ransomware gang might be coming soon. The gang’s old dark web leak site was taken down by law enforcement in February, but it has now reappeared, hinting at the release of new information in a few days. Several parts of the site were updated on …

The GAO reviewed NASA’s cybersecurity practices and found that there is a need to update spacecraft acquisition policies and standards. They specifically focused on assessing the cybersecurity requirements in NASA contracts for spacecraft projects. The GAO report reviewed NASA’s spacecraft cybersecurity policies and standards. They looked at three different spacecraft …

Moshiul Islam Mishu, Founder & CEO of Enterprise Infosec Consultants (EIC), has been accepted into the Forbes Technology Council, the foremost growth and networking organization for successful Technology Professionals and Leaders worldwide. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs, and technology executives. He is a vetted …

Friday (03.05.2024) the ministry of foreign affairs of the Czech republic issued a press release highlighting the cyberattack carried by Russian actor apt28 on Czechia. The press release reads, “Czechia jointly with Germany, the European Union, NATO and international partners strongly condemns activities of the Russian state-controlled actor APT28, who …

While surfing the internet for the regular activities, suddenly found a domain named (bcsi.gov.bd), “Bangladesh cyber security intelligence” (BCSI) in elaborating form. Curious mind wants to know the fact, so deep dive the domain and found a Facebook page also. According to the website, “Bangladesh cyber security intelligence” (BCSI) to …

The rapid pace of technological transformation presents both extraordinary opportunities and significant risks. Gartner’s authoritative insights into the cybersecurity trends of 2024 underscore the need for organizations to evolve their defensive strategies alongside their digital ambitions. Yesterday, viruses delivered via floppy disks were our primary concern; today, the attack surface …

CISA released three advisories about Industrial Control Systems (ICS) on April 30, 2024. These advisories give current security information, vulnerabilities, and exploits related to ICS. ICSA-24-121-01 Delta Electronics CNCSoft-G2 DOPSoft:  Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio (Update A): Successful …

The U.S. federal agency CISA has included CVE-2023-7028 in its Known Exploited Vulnerabilities Catalog. This means that the vulnerability is currently being targeted by attackers. CISA has instructed federal agencies to protect their systems by May 22, giving them a deadline of three weeks. The U.S. cybersecurity agency hasn’t shared …

Microsoft security experts recently conducted an exploration on how to effectively use Azure Logs to identify and counteract threat actions. Azure’s defense mechanism relies on effectively understanding and using logs to hunt for threats. Microsoft focuses on integrating best practices for log management, analysis, and incident response to stay proactive …