Nearly 90% of organizations have started adopting zero-trust security, but there is still a lot of work to be done, says a report from CISCO. 86.5% of global information security professionals have begun implementing parts of the zero-trust security model. However, only 2% have completed their deployments. Cisco measures maturity …
Read More »CISCO report
HTTP/2 Rapid Reset Attack
Cisco Patched Products Vulnerable to HTTP/2 Rapid Reset Attack
A new high-severity vulnerability has been discovered in multiple Cisco products, which could potentially allow HTTP/2 Rapid Reset Attack. A new technique for launching distributed denial of service (DDoS) attacks has been discovered. It is identified as CVE-2023-44487 and has a high severity rating of 7.5. In addition, this vulnerability …
Read More »
CIRT alert on CVEs
BD CIRT published CVE of f5, Apache, Juniper, Citrix and Atlassian
Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) proactively releases critical threat intelligence information to ensure the security of Bangladesh’s cyberspace. Following this, CIRT has recently identified critical vulnerabilities for critical information infrastructure (CII). CIRT published cyber alert for critical information infrastructure (CII) on Thursday (23 November). The report …
Read More »
Black wing intelligence (video)
Windows hello fingerprint auth bypassed on Microsoft, Dell, Lenovo laptops
Security researchers were able to bypass authentication on three popular laptops by testing the fingerprint sensors used for Windows Hello. The research was done by Blackwing Intelligence and Microsoft’s MORSE. Target devices include a Dell Inspiron 15 with a Goodix fingerprint sensor, a Lenovo ThinkPad T14s with a Synaptics sensor, …
Read More »Microsoft launches new bounty program with $20,000 rewards
Microsoft has launched a bug bounty program for the Microsoft Defender security platform. Rewards range from $500 to $20,000. Microsoft has the authority to decide how much money people will receive as a reward for finding and reporting vulnerabilities. The amount will depend on how serious the vulnerability is, how …
Read More »
DataHub Asia
By 2025, Domestic cloud market expected $46.3 million; MD “DataHub Asia”
“To support country’s growing digital economy, protecting sensitive data with cost saving ‘purpose-built data center’ is needed” according to Md. Shoroer Morshed Porag, Managing Director of DataHub Asia. He remarked this on a seminar held Tuesday (21 November) at Dhaka titled “Purpose-Built Data center: Destination of Choice” arranged by DataHub …
Read More »
Securelist report
Modern Asian APT groups’ tactics, techniques and procedures
Research is regularly published about Asian APT groups targeting organizations from different industries. These campaigns and incidents don’t only happen in one region. Research like this usually includes detailed information about the tools used by APT actors, the vulnerabilities they exploit, and sometimes even specific attribution. Despite the abundance of …
Read More »
Treasury Board of Canada Secretariat statment
Canadian government discloses data breach
The Canadian government reported that two contractors have been hacked, revealing sensitive information of an unknown number of government employees. Last month, there were security breaches that affected two companies: Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services. These companies provide relocation services to Canadian government …
Read More »Daily Cybersecurity update, November 20, 2023
The fallout from the MOVEit Transfer data breach is growing. The U.S. CMS announced that hundreds of thousands of Medicare recipients were affected. Additionally, the Canadian government revealed a data breach affecting former and current public service employees. On a different note, the INC Ransom group, a new threat, added …
Read More »
Social media politics uncovered
Exploring engagement of political parties on Facebook in Bangladesh
Bangladeshi political parties are fueling tensions in the lead up to the 12th National Assembly elections. The tensions have spread to social media. Parties frequently post on Facebook about the program, violence, leaders’ statements, and counter-accusations. Page followers react with love, like, wow, haha. A study shows that people’s reaction …
Read More »