Juniper Networks released updates to fix high-severity vulnerabilities in SRX Series and EX Series. These vulnerabilities could be exploited by attackers to gain control of vulnerable systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. There are vulnerabilities …
Apple says UK could ‘secretly veto’ global privacy tools
Apple opposes the UK government’s idea to pre-approve new security features from tech companies. If the UK Home Office rejects an update, it cannot be released in any other country, and the public will not be informed. The government is seeking to update the Investigatory Powers Act (IPA) 2016. The …
28 January
Data Privacy Day 2024: “Take control of your Data”
Data Privacy Day, also called Data Protection Day in Europe, is a global event that happens every year on January 28. It aims to promote awareness about online privacy, data protection, and ways to protect your personal information in the digital world. It’s a good time to reflect on your …
A seminar on “Ensuring Cyber Security” was held at Sylhet
On January 27, a seminar on “Cyber Security Assurance” was conducted by Assistant Commissioner Nishat Anjum in the meeting room of the Deputy Commissioner’s office, Sylhet. The day-long seminar was organized by the National Cyber Security Agency in collaboration with the office of the District Commissioner, Sylhet. Abu Sayed Md. …
The Week in Ransomware at a glance
The Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich Ermakov, a Russian national connected to the 2022 Medibank hack and the REvil ransomware group. According to a report by Intel471, Ermakov was very involved in cybercrime, working as a ransomware operator and affiliate. It is also thought that …
Pwn2Own
$1.3M for 49 zero-days, Tesla hacked twice
In the first edition of Pwn2Own Automotive, competitors earned $1,323,750 by hacking Tesla twice and demonstrating 49 zero-day bugs in various electric car systems from January 24 to January 26. Hackers targeted electric vehicle chargers, infotainment systems, and car operating systems during a contest organized by Trend Micro’s Zero Day Initiative …
Critical RCE flaw detected in Cisco’s communication software
Cisco warns that some Unified Communications Manager and Contact Center Solutions products have a critical remote code execution security vulnerability. Cisco’s Unified Communications and Contact Center Solutions offer voice, video, and messaging services, as well as customer engagement and management. The company issued a security bulletin about a vulnerability (CVE-2024-20253) …
Pwn2Own Contest Tokyo
Hackers Unearth Dozens of Zero-Day Vulnerabilities
Top ethical hackers are currently competing in Tokyo. They have discovered nearly 40 zero-day vulnerabilities in Tesla and other products. The first car-focused Zero Day Initiative (ZDI) Pwn2Own contest takes place from January 24-26. ZDI is the world’s largest bug bounty program, encouraging ethical hackers to find and report vulnerabilities …
Bulletproof Hosting: A Critical Cybercriminal Service
That cybercriminals now offer services and products to other cybercriminals is a significant development of the last two decades. Cybercrime-as-a-service has made it easier for criminals to get into cybercrime, allowing them to specialize and commit crimes on a larger scale. For instance, instead of coding malware, a criminal can buy …
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability CVE-2023-22527 Detail: A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE …