Tuesday , December 24 2024

infosecbulletin

Flight officer ‘fled to Canada’, Biman fear of data leak

The Assistant Manager (Administration) of Biman Bangladesh Airlines Anower hosan fled to Canada without the permission of the authorities. Besides, the commercial supervisor of the company Sohan Ahmed is missing. Biman MD Shafiul Azim confirmed the matter on Tuesday (January 16). Biman’s Managing Director said, they have important software and …

Read More »

UNDOC Report
Group reportedly link to Bangladesh Bank cyber attack still active in Asia

UNODC

North Korean hackers are sharing money-laundering and underground banking networks with fraudsters and drug traffickers in Southeast Asia, according to a United Nations report published on Monday, with casinos and crypto exchanges emerging as key venues for organized crime. The United Nations Office of Drugs and Crime (UNODC) said without …

Read More »

Atlassian released advisory for CVE-2023-22527

Atlassian

Tuesday (16 January) Atlassian released advisory for CVE-2023-22527 – RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server. A template injection vulnerability on out-of-date versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected version. Customers using an affected version …

Read More »

TrendMicro Research
CVE-2023-36025, Phemedrone Stealer exploit windows SmartScreen flaw

Screen

Cybersecurity researchers at Trend Micro discovered an exploitation of CVE-2023-36025 leading to the spread of a new type of malware called Phemedrone Stealer. Phemedrone Stealer is a malware that targets web browsers, cryptocurrency wallets, and messaging apps like Telegram, Steam, and Discord. It not only steals data, but also takes …

Read More »

Bishopfox bog
Over 178k SonicWall Firewalls are Publicly Exploitable

Sonicwall

In a blog post BishopFox said, SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities with the potential for remote code execution. SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart and reported that no exploitation had been observed in the wild; …

Read More »

Recorded Future Report
Security Experts Urge IT to Lock Down GitHub Services

Github

Recorded Future, a threat intelligence firm, has cautioned that malicious actors are using GitHub services more to carry out secret cyber-attacks and has advised IT teams to act. Its new report, Flying Under the Radar: Abusing GitHub for Malicious Infrastructure, revealed the most popular GitHub services for threat actors. Between …

Read More »