CISA published four advisories on March 26, 2024, about security problems, vulnerabilities, and exploits in Industrial Control Systems (ICS). ICSA-24-086-01 Automation-Direct C-MORE EA9 HMI ICSA-24-086-02 Rockwell Automation PowerFlex 527 ICSA-24-086-03 Rockwell Automation Arena Simulation ICSA-24-086-04 Rockwell Automation FactoryTalk View ME CISA encourages users and administrators to review the newly released …
Read More »
An experimental national roaming service has been launched for the first time in the country to reduce network disruptions for Teletalk customers. As a result, Teletalk will use Banglalink’s network. State Minister for Posts, Telecommunications and Information Technology Zunayd Ahmed Palak inaugurated this service organized at BCC on the occasion …
Read More »
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert about making software secure by eliminating SQL injection vulnerabilities. This was in response to a recent major incident involving SQL injection that affected thousands of organizations and emphasizes how common this type of security flaw is. …
Read More »
The Checkmarx Research team found out that hackers attacked the software supply chain and managed to breach the Top.gg GitHub organization, which has over 170,000 users, and also targeted individual developers. These hackers took over accounts by stealing browser cookies, added bad code with verified commits, created a fake Python …
Read More »
Many users around the world are experiencing issues with OpenAI’s ChatGPT, such as not being able to log in, missing chat histories, and chat screens that won’t load correctly. Sometimes when you open ChatGPT, you might get a blank screen that just says “How can I help you today?” without …
Read More »
In October 2023, Sekoia analysts discovered a new Adversary-in-The-Middle (AiTM) phishing kit used by several hackers for widespread attacks. This kit is linked to the Tycoon 2FA Phishing-as-a-Service (PhaaS) platform, active since at least August 2023. The Sekoia Threat Detection & Research (TDR) team analyzed the Tycoon 2FA PhaaS kit …
Read More »
SonicWall Capture Labs found a vulnerability with the Artica Proxy appliance. This vulnerability affects over 100K servers globally. Artica Proxy is a proxy solution that performs tasks like web filtering, SSL inspection, and bandwidth management. SonicWall has developed measures to mitigate the vulnerability. There is a security vulnerability called CVE-2024-2054 …
Read More »
The writing is first published to medium where Henry N. Caga wrote about how he find out Google’s vulnerability and achieved hall of fame recognition. Henry N. Caga wrote I stumbled upon a discovery that sent shockwaves through my system: an XSS (Cross-Site Scripting) vulnerability lurking within one of Google’s …
Read More »
Microsoft to restrict access to 50 of its cloud products in Russia, as reported by the Russian company Softline. The restrictions will also affect local software, with the deactivation of license keys. Russian media TASS reported the list primarily includes corporate applications such as those for business management, accounting, automation, …
Read More »
Microsoft released urgent updates to fix a problem causing Windows domain controllers to crash after installing the March 2024 Windows Server security updates. Microsoft released the following emergency Windows Server cumulative updates that should fix the LSASS memory leak and prevent impacted servers from crashing and restarting: KB5037422 (Windows Server …
Read More »
InfoSecBulletin Cybersecurity for mankind
