Friday, November 22, 2024

infosecbulletin

NGINX Ingress Controller
Vulnerabilities Uncovered in NGINX Ingress Controller for Kubernetes

Three unpatched security flaws in the NGINX Ingress controller for Kubernetes have been revealed. These flaws have a high severity level and could be used by a malicious actor to steal secret credentials from the cluster. The vulnerabilities are as follows: CVE-2022-4886 (CVSS score: 8.8) – Ingress-nginx path sanitization can …


Submarine Cable Upgradation
Internet to face disruption for around 20 hours on Oct 31, Nov 2

Internet services will face partial disruption in the country for around 20 hours on October 31 and November 2. This is because the country’s first submarine cable will be partially disconnected for an upgrade. The circuits through the South East Asia-Middle East-Western Europe 4 (SEA-ME-WE 4) submarine cable installed Cox’s …


BDSAF holds day-long cyber symposium in Dhaka today

The Bangladesh System Administrators Forum (BDSAF) organized a day-long IT security conference titled “Cyber Security Symposium 2023”. The symposium was held on October 28 at the “Brac In” auditorium and covered various important issues of information technology security and cyber awareness. Md. Shamsul Arefin, secretary of the information and technology division, was the chief guest …


F5 warns customers: BIG-IP Vulnerability Allows Remote Code Execution

F5 warned customers about a serious security flaw in BIG-IP that may lead to unauthorized remote code execution. An issue has been identified in the configuration utility component. It is assigned the CVE identifier CVE-2023-46747 and has a CVSS score of 9.8 out of 10. F5 has stated that an …


Exploitation of Cisco Zero-Day Vulnerabilities in Bangladesh

The Cyber Threat Intelligence team of BGD e-GOV CIRT has issued a warning about ongoing attacks using two zero-day vulnerabilities in Cisco’s IOS XE Software web UI feature. Successful exploitation attempts have been observed against organizations in Bangladesh. This advisory is intended for IT teams responsible for configuring and managing …


VMware releases update for vulnerabilities with PoC exploits

Multiple vulnerabilities in VMware Aria Operations for Logs were privately reported to VMware. VMware Aria Operations for Logs contains an authentication bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important Severity Range with a maximum CVSSv3 base score of 8.1. An unauthenticated, malicious actor …


NCC GROUP REPORT
September 2023 saw a record number of ransomware attacks

Ransomware activity soared in September after a temporary decrease in August, which was still higher than usual for summer. In September, ransomware groups conducted 514 attacks, surpassing the 459 attacks recorded in March 2023, according to the NCC Group cyber threat intelligence report. The March attacks were mainly caused by the …
