Calls, messages and videos can be viewed easily using SIM or WiFi on the smartphone. Think about it, what to do if there is no SIM and internet on the phone? Technology is also coming soon, which will allow watching videos on smartphones without SIM and internet. This technology is …

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor …

Mandiant and VMware Product Security found that the UNC3886 espionage group has been exploiting CVE-2023-34048 since late 2021, even though it was publicly reported and patched in October 2023. Mandiant found new ways that UNC3886 uses to attack computer systems. They focus on technologies that don’t have EDR protection and …

CISA, the FBI, and the EPA have released a guide to help water and wastewater systems respond to incidents. Over 25 organizations from various sectors contributed to this guide, including private companies, non-profit organizations, and government entities. This collaboration ensured that the guide would be useful for water and wastewater …

Oracle released a security advisory for January 2024. It fixes vulnerabilities in various products that could be exploited by hackers to take control of a system. Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it …

The BGD e-GOV CIRT Cyber Threat Intelligence Unit has noticed a big rise in a type of malware named stealer malware in Bangladesh’s cyberspace. These sneaky programs are good at secretly getting sensitive data like login details, personal information, and secret data from specific systems. This breach puts financial resources …

CISA found evidence of active exploitation for three new vulnerabilities, which have been added to their list of known exploited vulnerabilities. CVE-2023-6549: Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability. It describes Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway …

Cyble Research and Intelligence Labs (CRIL), CRIL has uncovered a Go Stealer possibly targeting the Indian Air Force. This malware is propagated through a ZIP file named “SU-30_Aircraft_Procurement”. The ZIP file is hosted on Oshi (hxxps://oshi[.]at/ougg), an anonymous file storage platform and the Threat Actor (TA) could potentially be distributing …

The financial industry has seen a 137% rise in Vendor Email Compromise attacks in the past year, according to new data from Abnormal Security. Most threats came from email attacks that tricked people, with the sector getting 200 advanced attacks per week for every 1000 mailboxes. Last year, there were …

VMware and Atlassian disclosed critical vulnerabilities today. Even though there have been no reports of misuse, administrators should update their systems as soon as possible to prevent any issues. There are two problems reported by Atlassian. The most important one is CVE-2023-22527, which is a flaw in the template system …