No vulnerabilities being exploited this month- Microsoft’s security update for February 2024. March’s Patch Tuesday is not as severe as previous months. It addresses 60 vulnerabilities, with only two labeled as “critical.” In comparison, last month had over 70 security vulnerabilities. January and December had even fewer vulnerabilities, particularly when compared …

The NSA released a list of ten recommended security strategies for cloud customers. The advisory, published on March 7, 2024, includes ten strategies for cloud security, identity and access management, data security practices, and network segmentation. CISA supported the NSA with six out of ten strategies for cybersecurity and infrastructure …

FortiGuard Labs found a threat using a harmful PDF to spread the CHAVECLOAK banking Trojan. The attack involves the PDF downloading a ZIP file and then using DLL side-loading to run the malware. CHAVECLOAK targets Brazilian users to steal financial information. Figure 1 shows the detailed flow of this cyber …

“Multiple cyberattacks targeted various French government agencies since Sunday night, according to the prime minister’s office.” The French agencies likely faced DDoS attacks, but no specific details were provided by the minister’s office. Experts from the government have stated that the attacks were not complicated. They mentioned that familiar technical …

Ransomware attacks increased in several important sectors in February 2024 despite a slow start to the year. In February, ransomware gangs increased the number of victims posted on their extortion sites. There were 310 victims, compared to 242 in the previous month and 229 in February 2023. In February, attacks …

Shared responsibilities must be ensured to save countries digital space safety speakers said this at “InfoSecCon-2024” held at Dhaka on 9 March, Saturday. The conference included topic based sessions and panel discussions on various topic where countries leading professionals were presents. S M Tofayel Ahmad, joint director, ICT, Bangladesh Bank …

Swiss authorities discovered 65,000 leaked government documents containing classified information and sensitive personal data. The leak occurred after a ransomware attack on an IT vendor last year. The National Cyber Security Centre (NCSC) of Switzerland recently released a report analyzing the data stolen during a cyber attack in May. The …

Apple released security updates to fix vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could use some of these vulnerabilities to take control of a system that is affected. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Safari 17.4  …

The NSA and CISA have released five bulletins on securing a cloud environment. Cloud services are very popular for businesses because they offer managed servers, storage, and applications without the need to manage their own infrastructure. Many enterprise application developers now offer both on-premise and cloud-hosted versions of their services. …