Bangladesh Road Transport and Highways Division (RTHD) experienced a data breach recently. An attacker, who goes by the alias “frog,” successfully accessed the SQL data of RTHD’s Road and Road Training Department. The breach was discovered earlier this week and is being analyzed by the expert team at Bangladesh Cyber …

CISA added three new vulnerabilities to its KEV catalog of actively exploited vulnerabilities. CVE-2024-4879 ServiceNow Improper Input Validation Vulnerability: ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the …

State Minister for Posts, Telecommunications and Information Technology Zunayed Ahmed Palak said that 8 websites were attacked over 50,000 times in 10 days. He shared this at a press conference after a meeting on cyber security at the ICT Tower in Agargaon, Dhaka, on Tuesday (July 30). There is a …

Microsoft’s threat intelligence team has reported that ransomware groups are exploiting a critical vulnerability in VMware’s ESXi hypervisors. This allows them to gain full administrative access to systems that are joined to a domain. The flaw labeled CVE-2024-37085 with a severity score of 6.8 has been used by ransomware groups …

Several fiber optic networks in France were sabotaged shortly after arson attacks disrupted high-speed train services during the Olympics opening ceremony. Cables for telecom operators in six areas of France were intentionally cut earlier today, according to the police. French authorities arrested an activist from an ultra-left-wing movement at an …

A scam campaign linked to an unknown threat actor is using an email routing misconfiguration in Proofpoint’s defenses to send millions of fake emails pretending to be from companies like Best Buy, IBM, Nike, and Walt Disney. Guardio Labs named the campaign EchoSpoofing. It started in January 2024. The threat …

VPN usage in Bangladesh has surged due to violent protests and government-imposed internet restrictions. In Bangladesh, there was a conflict for quota in the government jobs taking place on July 15 and resulted in many students getting hurt and at least five people being killed. The police tried to stop …

Cisco has issued a security advisory (CVE-2024-3596) in the RADIUS protocol, which is widely used for network access authentication and authorization. This vulnerability could let an attacker bypass multi-factor authentication (MFA) and gain unauthorized network access. The vulnerability is due to a problem in the MD5 Response Authenticator signature in …

The Reserve Bank of India fined Visa 24.1 million rupees (nearly $288,000) for using an unauthorized payment transfer system. The central bank made this announcement on Friday (July 26). “It was discovered that the entity (Visa) had implemented a payment authentication solution without regulatory clearance from the RBI,” the central …

Stress test gauged how banks would respond to and recover from severe but plausible cybersecurity incident 109 banks tested, of which 28 underwent more extensive testing Results to feed into ECB’s 2024 Supervisory Review and Evaluation Process The European Central Bank (ECB) is set to conduct its first thematic stress …