CISA issued seventeen advisories about Industrial Control Systems (ICS) on May 16, 2024. These advisories give important information about security problems, weaknesses, and attacks related to ICS. ICSA-24-137-01 Siemens Parasolid ICSA-24-137-02 Siemens SICAM Products ICSA-24-137-03 Siemens Teamcenter Visualization and JT2Go ICSA-24-137-04 Siemens Polarion ALM ICSA-24-137-05 Siemens Simcenter Nastran ICSA-24-137-06 Siemens …
Read More »ALERT
Intel released 41 Security Advisories Over 90 Vulnerabilities
Intel released 41 security advisories this Patch Tuesday, which contain information about over 90 vulnerabilities in their products. The company has fixed most of the vulnerabilities with patches and provided some mitigations for others. The most significant flaw is CVE-2024-22476. It is rated as ‘critical’ and has a severity score …
Read More »Adobe Patches Multiple Code Execution Flaws
Adobe released security updates for the vulnerabilities in Adobe software. Bad actors could exploit some of these vulnerabilities taking control of an affected system. Adobe encourage the users to review the following Adobe Security Bulletins and apply necessary updates: Adobe Acrobat and Reader Adobe Illustrator Substance 3D Painter Adobe Aero …
Read More »FBI seized BreachForums, including telegram channel
FBI has seized hacking forum “BreachForums” popularly known as a Breached hacking forum in the underground market on Wednesday morning for the second time in a year, soon after the site was used last week to leak data stolen from a Europol law enforcement portal. Now the site displays a …
Read More »
Kaspersky report
Bangladesh faces over 34,000 ransomware attacks
Antivirus manufacturer Kaspersky inform that it has detected over 34,000 ransomware attacks targeting various organizations in Bangladesh from January to December 2023 in a press release. Fedor Sinitsyn, Kaspersky’s lead malware analyst said, Several ransomware groups are still stealing data and encrypting it and demanding a ransom. This problem is …
Read More »FortiOS & FortiProxy SSL-VPN Flaw Allows IP Spoofing
A vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw is identified as FG-23-225 which allows attackers to spoof IP addresses and bypass security controls by sending specially crafted packets. According to the advisory published by Fortinet, An insufficient verification of data authenticity vulnerability [CWE-345] in …
Read More »Ransomware Activities this week: Threatmon report
According to the Threatmon advanced threat monitoring platform, LockBit is in the top position in the category of top active group and in the list Qilin, Play are are the 2nd and third accordingly. Top Actives Groups – #LockBit 124 – #Qilin 16 – #Play 13 – #BlackSuit 10 – …
Read More »
ALERT
CISA Releases Four Industrial Control Systems Advisories
On Tuesday (May 14), CISA released four Industrial Control Systems (ICS) advisories which provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-135-01 Rockwell Automation FactoryTalk Remote Access ICSA-24-135-02 SUBNET PowerSYSTEM Center ICSA-24-135-03 Johnson Controls Software House C-CURE 9000 ICSA-24-135-04 Mitsubishi Electric Multiple FA Engineering Software Products …
Read More »Microsoft May 2024 Patch Tuesday fixes 61 flaws 2 zero-days
Microsoft patched May 2024 Tuesday including updates for 61 flaws and three publicly disclosed zero days. This update fixed Microsoft SharePoint Server Remote Code Execution Vulnerability. Category wise vulnerabilities are listed below: 17 Elevation of Privilege Vulnerabilities 2 Security Feature Bypass Vulnerabilities 27 Remote Code Execution Vulnerabilities 7 Information Disclosure …
Read More »Newly circulated reserve theft is false: Bangladesh Bank
On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely fake. Prior to that, an Indian media reported about the reserve theft from Bangladesh Bank. After the publication of the report a wide discussion started on the social media. Majbaul …
Read More »