The Cybersecurity and Infrastructure Security Agency (CISA) published a 447-page document of regulations according to the Cyber Incident Reporting for Critical Infrastructure Act in the Federal Register for public comment. The law passed in 2022 aims to enhance the government’s capability to monitor incidents and ransomware payments. Homeland Security Secretary …
Read More »
A ransomware group is threatening to publish a huge cache of stolen data following a cyber attack on a Scottish health board. The group called INC Ransom claims to have three terabytes of data. NHS Dumfries and Galloway is aware that clinical data relating to a small number of patients …
Read More »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a Microsoft SharePoint Server vulnerability in its list of known exploited vulnerabilities due to signs of active use by attackers. CVE-2023-24955 is a critical flaw that lets a user with Site Owner access run any code they choose. “In a network-based …
Read More »
A new spying campaign has been discovered that targets Indian government agencies and the energy sector, using a modified open-source tool called HackBrowserData to steal browser credentials, cookies, and history. Researchers from EclecticIQ, a Dutch cybersecurity firm, found a hacking campaign in early March. They didn’t identify the hackers but …
Read More »
Some of notable happening the cyber world: St. Cloud, Florida, experienced a ransomware attack that disrupted city services and required changes in how payments are made at some city facilities. Russian hackers Cozy Bear used fake dinner invites to attack German political parties, installing the WINELOADER backdoor. A supply-chain attack …
Read More »
CISA published four advisories on March 26, 2024, about security problems, vulnerabilities, and exploits in Industrial Control Systems (ICS). ICSA-24-086-01 Automation-Direct C-MORE EA9 HMI ICSA-24-086-02 Rockwell Automation PowerFlex 527 ICSA-24-086-03 Rockwell Automation Arena Simulation ICSA-24-086-04 Rockwell Automation FactoryTalk View ME CISA encourages users and administrators to review the newly released …
Read More »
An experimental national roaming service has been launched for the first time in the country to reduce network disruptions for Teletalk customers. As a result, Teletalk will use Banglalink’s network. State Minister for Posts, Telecommunications and Information Technology Zunayd Ahmed Palak inaugurated this service organized at BCC on the occasion …
Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert about making software secure by eliminating SQL injection vulnerabilities. This was in response to a recent major incident involving SQL injection that affected thousands of organizations and emphasizes how common this type of security flaw is. …
Read More »
The Checkmarx Research team found out that hackers attacked the software supply chain and managed to breach the Top.gg GitHub organization, which has over 170,000 users, and also targeted individual developers. These hackers took over accounts by stealing browser cookies, added bad code with verified commits, created a fake Python …
Read More »
Many users around the world are experiencing issues with OpenAI’s ChatGPT, such as not being able to log in, missing chat histories, and chat screens that won’t load correctly. Sometimes when you open ChatGPT, you might get a blank screen that just says “How can I help you today?” without …
Read More »
InfoSecBulletin Cybersecurity for mankind
