Tuesday , December 24 2024

infosecbulletin

CISA Releases Two Industrial Control Systems Advisories

CISA

CISA released two advisories on April 4, 2024 about security issues, vulnerabilities, and exploits for Industrial Control Systems (ICS). ICSA-24-095-01 Hitachi Energy Asset Suite 9 ICSA-24-095-02 Schweitzer Engineering Laboratories SEL CISA recommends reviewing the newly issued ICS advisory for more information and ways to address the issue.    

Read More »

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

http/2

The HTTP/2 protocol has a vulnerability in the CONTINUATION frame that allows for denial-of-service (DoS) attacks. Security researcher Bartek Nowotarski named this technique HTTP/2 CONTINUATION Flood and reported it to the CERT Coordination Center (CERT/CC) on January 25, 2024. “Many HTTP/2 implementations do not properly limit or sanitize the amount …

Read More »

CYBERSECURITY AND DATA PROTECTION
Serious security breach hits EU police agency

Europol

They were supposed to be under lock and key, in a secure storage room deep inside Europol’s headquarters in The Hague. But a clutch of highly sensitive files containing the personal information of top law enforcement executives went missing last summer. Europe’s law enforcement agency has been mired in a …

Read More »

BANKING, MALWARE, FINANCIAL SERVICES, RAT, JS
JSOUTPROX ATTACK FINANCIAL INSTITUTIONS IN APAC

Rat

A new version of JSOutProx has been detected by Resecurity. This version is targeting financial services and organizations in the APAC and MENA regions. JSOutProx is a sophisticated attack framework that uses both JavaScript and .NET to carry out its attacks. The malware allows for the loading of various plugins …

Read More »

Expert opinion about the BTCL .bd domain issue

btcl

Executive member of Asia Pacific Network Information Centre (APNIC) and One of key person of Internet initiative of japan (IIJ)  Yoshinobu Matsuzaki said, “.bd has 4 nameservers. 3 of them, dns.bd, surma.btcl.net.bd and jamuna.btcl.net.bd are answering SERVFAIL to any .bd queries. But they are answering some functional queries like id.server …

Read More »