The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a variant of malware called PlugX added a feature to infect USB drives automatically. This allowed the malware to spread to new machines without needing any user interaction. Sekoia, a European …
Read More »ALERT: SEKOIA REPORT
Palo Alto network shared latest remediation of CVE-2024-3400
Palo Alto Networks has given urgent advice to the remediation of a critical vulnerability, known as CVE-2024-3400, which attackers have used to get unauthorized access. The cybersecurity company has provided clear steps for organizations to reduce the risks of this breach and protect their networks from future attacks. Environment: Palo …
Read More »CISA Launches Ransomware Vulnerability Warning Pilot for Critical Infrastructure
Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents. Many of these incidents are perpetrated by ransomware threat actors using known vulnerabilities. By urgently fixing these vulnerabilities, organizations can significantly reduce their likelihood of experiencing a ransomware event. In addition, organizations should implement …
Read More »WhatsApp warns India to exit, If…
According to the report by several Indian media, social media platform Meta will withdraw its entire service from India if it is forced to breaks encryption. This is what WhatsApp has claimed in the hearing of a case in the Delhi High Court. This was claimed by WhatsApp in the …
Read More »Fake e-mail of Rajshahi Univ VC’ name-picture, sending messages
Someone is pretending to be Rajshahi University Vice-Chancellor, Professor Dr. Golam Sabbir Sattar, by creating a fake email account and sending fake messages to people he knows. The vice chancellor is aware of this and has asked everyone to be cautious. Professor Ghulam Sabbir Sattar warned about this on his …
Read More »Bad actor threat to expose BSNL 2.9 million data
Platform BreachForum, bad actor perell, same person who claimed to expose the data of “Bharat Sanchar Nigam Limited” BSNL for the second time. The threat actor claimed first December-3, 2023 where he wrote “India’s 4th most popular telecommunications company has suffered a substantial data breach” and he claimed to have …
Read More »India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users
“Our customers are our utmost priority and we are wholeheartedly dedicated to safe guarding their interests. It has come to our notice that about 17,000 new credit cards which were issued in the past few days were erroneously mapped in our digital channels to wrong users. They constitute about 0.1% …
Read More »CISA Releases Eight Industrial Control Systems Advisories
CISA issued eight advisories about Industrial Control Systems (ICS) on April 25, 2024. The advisories share important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-116-01 Multiple Vulnerabilities in Hitachi Energy RTU500 Series ICSA-24-116-02 Hitachi Energy MACH SCM ICSA-24-116-03 Siemens RUGGEDCOM APE1808 Devices Configured with Palo Alto Networks …
Read More »Google fixed critical Chrome vulnerability CVE-2024-4058
Google fixed a serious Chrome bug known as CVE-2024-4058 in the ANGLE graphics layer engine along with four vulnerabilities in the Chrome web browser. CVE-2024-4058 is a vulnerability in the ANGLE graphics layer engine. It allows attackers to execute arbitrary code on macOS systems. Toan Pham and Bao Pham from …
Read More »Hackers backdoored Cisco ASA devices via two zero-days
A Cisco customer noticed the first confirmed activity in early January 2024, but the attacks actually began in November 2023. The researchers also found evidence that indicates this capability was being tested and developed as early as July 2023. The initial access vector in this campaign – dubbed ArcaneDoor – …
Read More »