CISA released 15 advisories about Industrial Control Systems (ICS) on March 14, 2024. The advisories include important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-074-01 Siemens SENTRON 7KM PAC3x20 ICSA-24-074-02 Siemens Solid Edge ICSA-24-074-03 Siemens SINEMA Remote Connect Server ICSA-24-074-04 Siemens SINEMA Remote Connect Client ICSA-24-074-05 Siemens …

The International Monetary Fund (IMF) recently experienced a cyber incident, which was detected on February 16, 2024. After further investigation with help from cybersecurity experts, the breach was identified, and steps were taken to fix it. The investigation found that 11 IMF email accounts were hacked. The affected accounts have …

The SonicWall Capture Labs threat research team recently observed a new variant of StopCrypt ransomware. The ransomware executes its malicious activities by utilizing multi-stage shellcodes before launching a final payload that contains the file encryption code. StopCrypt, also known as STOP Djvu, is a widely spread ransomware, as reported by …

Cybersecurity attacks are always changing, and it’s important to detect them quickly. To keep up with hackers, Google Safe Browsing now offers real-time URL protection for Chrome users on desktop or iOS. Additionally, Chrome for iOS has new password protections to help you navigate the web securely. Real-time protection through …

The Federal Communications Commission voted to start a program for labeling wireless consumer Internet of Things products with strong cybersecurity. This means that products meeting these standards will have a “U.S Cyber Trust Mark” label, helping consumers make better choices and encouraging manufacturers to improve cybersecurity. The Commission has adopted …

According to Prothom Alo’s report, the fourth generation Padma Bank is going to merge with the private Exim Bank of Islamic style. This decision was taken unanimously in the Exim Bank Board of Directors meeting on Thursday (March 14). A director of Exim Bank confirmed this information to Prothom Alo …

FortiGuard Labs found a phishing campaign that tricks users into downloading a malicious Java downloader to spread new VCURMS and STRRAT remote access trojans. The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub to avoid detection. They used email as its command and control throughout …

No vulnerabilities being exploited this month- Microsoft’s security update for February 2024. March’s Patch Tuesday is not as severe as previous months. It addresses 60 vulnerabilities, with only two labeled as “critical.” In comparison, last month had over 70 security vulnerabilities. January and December had even fewer vulnerabilities, particularly when compared …

The NSA released a list of ten recommended security strategies for cloud customers. The advisory, published on March 7, 2024, includes ten strategies for cloud security, identity and access management, data security practices, and network segmentation. CISA supported the NSA with six out of ten strategies for cybersecurity and infrastructure …

FortiGuard Labs found a threat using a harmful PDF to spread the CHAVECLOAK banking Trojan. The attack involves the PDF downloading a ZIP file and then using DLL side-loading to run the malware. CHAVECLOAK targets Brazilian users to steal financial information. Figure 1 shows the detailed flow of this cyber …