Check Point has released hotfixes for a VPN vulnerability used in attacks to gain remote access to firewalls and try to breach corporate networks. On Monday, the company warned about an increase in attacks on VPN devices and provided recommendations on how admins can protect their devices. The CVE-2024-24919 vulnerability …

In December 2023, The First American Financial Corporation, a major title insurance company in the US, experienced a cyberattack. This resulted in the personal information of approximately 44,000 individuals being exposed. The company disclosed this data breach to the US Securities and Exchange Commission (SEC) on May 28, 2024. This …

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Horizon3’s Attack Team released a demonstration of a security vulnerability, identified as CVE-2024-23108, in Fortinet’s SIEM solution. This vulnerability allows attackers to run commands as the most powerful user on publicly accessible FortiSIEM devices. …

State Minister for Posts, Telecommunications and Information Technology Zunaid Ahmed Palak received the award in Geneva, Switzerland, winner of the World Summit on Information Society (WSIS) Award-2024, one of the awards in the information and technology sector in the international arena. This year, he received this award as the winner …

CISA published an advisory on May 28, 2024, about Industrial Control Systems (ICS). They share important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-149-01 Campbell Scientific CSI Web Server: The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches …

Check Point warned that threat actors are targeting their Remote Access VPN devices in an ongoing campaign to breach enterprise networks. Remote Access is included in all Check Point network firewalls. It can be set up as a client-to-site VPN for accessing corporate networks using VPN clients, or as an …

A serious security flaw has been found in the TP-Link Archer C5400X gaming router. It could allow remote code execution on vulnerable devices by sending specific requests. The vulnerability CVE-2024-5035 has a CVSS score of 10.0 and affects all versions of the router firmware up to 1_1.1.6. It has been …

There appeared a new type of ATM malware that security experts warn about. It is being advertised in the cybercrime underground and specifically designed to target Europe. A bad actor claimed that the new ATM malware called “EU ATM Malware” has 99% success rate. It can compromise most ATMs in …

Infosecbulletin’s daily cyber security update is a daily basis security updates across the globe. This aim is to inform the readers todays happenings in cyber world. Using various ways the information is collected and only the headlines are shown here. Users are advised to read out the full report for …

Researchers found criminal SMS phishing scam campaigns that exploit cloud storage services like Amazon S3, Google Cloud Storage, Backblaze B2, and IBM Cloud Object Storage. These campaigns, run by unknown threat actors, aim to send SMS messages to redirect users to malicious websites in order to steal their information. According …