CISA released 8 advisories about Industrial Control Systems (ICS) on January 30, 2024. They give up-to-date information on security issues, vulnerabilities, and exploits related to ICS. ICSA-24-030-01 Emerson Rosemount GC370XA, GC700XA, GC1500XA ICSA-24-030-02 Mitsubishi Electric FA Engineering Software Products ICSA-24-030-03 Mitsubishi Electric MELSEC WS Series Ethernet Interface Module ICSA-24-030-04 Hitron …

According to a report by Surfshark, Malaysia was the eighth most breached country in Q3 2023, with 494,699 leaked accounts. The breach rate in Q3 2023 was 144% higher than in Q2 2023, and around four Malaysian user accounts were leaked every minute. TM suffers data breach again: Customer data …

The attorney general’s office in New York state has sued Citibank for not protecting customers from electronic fraud and not reimbursing the victims. This has resulted in millions of dollars in losses for customers in the state. Attorney General Letitia James filed a lawsuit in federal court in Manhattan. She …

Juniper Networks released updates to fix high-severity vulnerabilities in SRX Series and EX Series. These vulnerabilities could be exploited by attackers to gain control of vulnerable systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. There are vulnerabilities …

Apple opposes the UK government’s idea to pre-approve new security features from tech companies. If the UK Home Office rejects an update, it cannot be released in any other country, and the public will not be informed. The government is seeking to update the Investigatory Powers Act (IPA) 2016. The …

Data Privacy Day, also called Data Protection Day in Europe, is a global event that happens every year on January 28. It aims to promote awareness about online privacy, data protection, and ways to protect your personal information in the digital world. It’s a good time to reflect on your …

On January 27, a seminar on “Cyber Security Assurance” was conducted by Assistant Commissioner Nishat Anjum in the meeting room of the Deputy Commissioner’s office, Sylhet. The day-long seminar was organized by the National Cyber Security Agency in collaboration with the office of the District Commissioner, Sylhet. Abu Sayed Md. …

The Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich Ermakov, a Russian national connected to the 2022 Medibank hack and the REvil ransomware group. According to a report by Intel471, Ermakov was very involved in cybercrime, working as a ransomware operator and affiliate. It is also thought that …

In the Pwn2Own Automotive first edition, competitors earned $1,323,750 by hacking Tesla twice and demonstrating 49 zero-day bugs in various electric car systems from January 24 to January 26. Hackers targeted electric vehicle chargers, infotainment systems, and car operating systems during a contest organized by Trend Micro’s Zero Day Initiative …

Cisco warns that some Unified Communications Manager and Contact Center Solutions products have a critical remote code execution security vulnerability. Cisco’s Unified Communications and Contact Center Solutions offer voice, video, and messaging services, as well as customer engagement and management. The company issued a security bulletin about a vulnerability (CVE-2024-20253) …