Tuesday , December 24 2024

infosecbulletin

CISCO report
Globally, 9 in 10 organizations embraced zero-trust security

Zero trust

Nearly 90% of organizations have started adopting zero-trust security, but there is still a lot of work to be done, says a report from CISCO. 86.5% of global information security professionals have begun implementing parts of the zero-trust security model. However, only 2% have completed their deployments. Cisco measures maturity …

Read More »

HTTP/2 Rapid Reset Attack
Cisco Patched Products Vulnerable to HTTP/2 Rapid Reset Attack

Cisco

A new high-severity vulnerability has been discovered in multiple Cisco products, which could potentially allow HTTP/2 Rapid Reset Attack. A new technique for launching distributed denial of service (DDoS) attacks has been discovered. It is identified as CVE-2023-44487 and has a high severity rating of 7.5. In addition, this vulnerability …

Read More »

CIRT alert on CVEs
BD CIRT published CVE of f5, Apache, Juniper, Citrix and Atlassian

Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) proactively releases critical threat intelligence information to ensure the security of Bangladesh’s cyberspace. Following this, CIRT has recently identified critical vulnerabilities for critical information infrastructure (CII). CIRT published cyber alert for critical information infrastructure (CII) on Thursday (23 November). The report …

Read More »

Black wing intelligence (video)
Windows hello fingerprint auth bypassed on Microsoft, Dell, Lenovo laptops

Laptop

Security researchers were able to bypass authentication on three popular laptops by testing the fingerprint sensors used for Windows Hello. The research was done by Blackwing Intelligence and Microsoft’s MORSE. Target devices include a Dell Inspiron 15 with a Goodix fingerprint sensor, a Lenovo ThinkPad T14s with a Synaptics sensor, …

Read More »

DataHub Asia
By 2025, Domestic cloud market expected $46.3 million; MD “DataHub Asia”

“To support country’s growing digital economy, protecting sensitive data with cost saving ‘purpose-built data center’ is needed” according to Md. Shoroer Morshed Porag, Managing Director of DataHub Asia. He remarked this on a seminar held Tuesday (21 November) at Dhaka titled “Purpose-Built Data center: Destination of Choice” arranged by DataHub …

Read More »

Securelist report
Modern Asian APT groups’ tactics, techniques and procedures

Asian APT

Research is regularly published about Asian APT groups targeting organizations from different industries. These campaigns and incidents don’t only happen in one region. Research like this usually includes detailed information about the tools used by APT actors, the vulnerabilities they exploit, and sometimes even specific attribution. Despite the abundance of …

Read More »

Treasury Board of Canada Secretariat statment
Canadian government discloses data breach

Canada

The Canadian government reported that two contractors have been hacked, revealing sensitive information of an unknown number of government employees. Last month, there were security breaches that affected two companies: Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services. These companies provide relocation services to Canadian government …

Read More »

Social media politics uncovered
Exploring engagement of political parties on Facebook in Bangladesh

Social media icon

Bangladeshi political parties are fueling tensions in the lead up to the 12th National Assembly elections. The tensions have spread to social media. Parties frequently post on Facebook about the program, violence, leaders’ statements, and counter-accusations. Page followers react with love, like, wow, haha. A study shows that people’s reaction …

Read More »