Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Horizon3’s Attack Team released a demonstration of a security vulnerability, identified as CVE-2024-23108, in Fortinet’s SIEM solution. This vulnerability allows attackers to run commands as the most powerful user on publicly accessible FortiSIEM devices. …

State Minister for Posts, Telecommunications and Information Technology Zunaid Ahmed Palak received the award in Geneva, Switzerland, winner of the World Summit on Information Society (WSIS) Award-2024, one of the awards in the information and technology sector in the international arena. This year, he received this award as the winner …

CISA published an advisory on May 28, 2024, about Industrial Control Systems (ICS). They share important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-149-01 Campbell Scientific CSI Web Server: The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches …

Check Point warned that threat actors are targeting their Remote Access VPN devices in an ongoing campaign to breach enterprise networks. Remote Access is included in all Check Point network firewalls. It can be set up as a client-to-site VPN for accessing corporate networks using VPN clients, or as an …

A serious security flaw has been found in the TP-Link Archer C5400X gaming router. It could allow remote code execution on vulnerable devices by sending specific requests. The vulnerability CVE-2024-5035 has a CVSS score of 10.0 and affects all versions of the router firmware up to 1_1.1.6. It has been …

There appeared a new type of ATM malware that security experts warn about. It is being advertised in the cybercrime underground and specifically designed to target Europe. A bad actor claimed that the new ATM malware called “EU ATM Malware” has 99% success rate. It can compromise most ATMs in …

Infosecbulletin’s daily cyber security update is a daily basis security updates across the globe. This aim is to inform the readers todays happenings in cyber world. Using various ways the information is collected and only the headlines are shown here. Users are advised to read out the full report for …

Researchers found criminal SMS phishing scam campaigns that exploit cloud storage services like Amazon S3, Google Cloud Storage, Backblaze B2, and IBM Cloud Object Storage. These campaigns, run by unknown threat actors, aim to send SMS messages to redirect users to malicious websites in order to steal their information. According …

Chronon simplifies data computation and serving for AI/ML apps. Users define data features, and Chronon handles batch and streaming computation, scalable backfills, low-latency serving, correctness, consistency, observability, and monitoring. It allows you to utilize all of the data within your organization, from batch tables, event streams or services to power …

Jeremiah Fowler, a security researcher, claimed to discover a major vulnerability in India’s data security. He found an unprotected database with a large amount of biometric data, such as fingerprints, facial scans, and other sensitive information, belonging to millions of Indian citizens. Jeremiah Fowler published his findings on global planet. …