Friday , June 6 2025
NVDP

BCSI officially announce National Vulnerability Disclosure Program (NVDP)

Bangladesh Cyber Security Intelligence (BCSI) officially launch the National Vulnerability Disclosure Program (NVDP) to enhance the country’s cybersecurity. This initiative aims to create a secure platform for ethical hackers, researchers, and organizations to work together in identifying and addressing vulnerabilities that threaten government systems, critical infrastructure, and private sector entities.

NVDP aims to leverage the skills of top cybersecurity professionals in the country. It promotes responsible vulnerability disclosure to address potential threats proactively and effectively.

Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

Cisco fixed a critical vulnerability in the Identity Services Engine (ISE) that could let unauthorized attackers carry out harmful actions....
Read More
Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

App builiding platform exposes over 3 million records, including PII

Cybersecurity researcher Jeremiah Fowler discovered an unprotected database with 3,637,107 records likely from a no-code app-building platform. The unprotected database,...
Read More
App builiding platform exposes over 3 million records, including PII

CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

IBM has issued a security advisory for vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. These...
Read More
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

ALERT
Thousands of IP addresses compromised nationwide: CIRT warn

As Bangladesh prepares for the extended Eid-ul-Adha holidays, the BGD e-GOV Computer Incident Response Team (CIRT) has issued an urgent...
Read More
ALERT  Thousands of IP addresses compromised nationwide: CIRT warn

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover....
Read More
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Key objectives of the program include:

Strengthening National Cybersecurity: Creating a clear way to find and fix weaknesses in critical systems before they can be used.

Empowering Ethical Hackers: Providing a platform for Bangladesh’s best cybersecurity experts to help protect the nation while receiving acknowledgment and rewards for their work.

Protecting Critical Sectors: Working with financial institutions, critical infrastructure organizations, and government agencies to protect them from new threats.

Fostering Public-Private Collaboration: Working together with government and private sectors to improve cybersecurity in Bangladesh.

Key Features of NVDP:

The NVDP is built on the principles of transparency, integrity, and security, and is guided by the following core features:

Verified Researcher Participation: Only verified cybersecurity researchers will have access to the NVDP platform, ensuring all participants uphold high standards of professionalism and ethics.

Confidentiality and Safe Harbor: Researchers’ identities and vulnerability reports are kept private, and the program offers protection for researchers to report vulnerabilities without fear of punishment.

Structured Agreements: Organizations sign detailed agreements that explain the program’s purpose, safety rules, and behavior guidelines, promoting a collaborative and legally secure environment.

Controlled Access to Programs: NVDP invites only qualified researchers to participate in specific programs based on their expertise and the sensitivity of the target scope.

Empowering Cybersecurity Talent:

NVDP enhances vulnerability disclosure by emphasizing talent development and capacity building. It identifies and empowers leading cybersecurity professionals in Bangladesh, providing them with valuable opportunities.

Secure National Assets: Protect government and private systems, like banks and essential services.

Earn Recognition and Rewards: Earn financial rewards, recognition, and career growth for contributions.

Build Expertise: Access exclusive programs and challenges to improve cybersecurity skills and knowledge.

By fostering a community of skilled professionals, NVDP aims to establish Bangladesh as a global leader in cybersecurity talent and innovation.

How to Get Involved:

For Researchers:

Ethical hackers and cybersecurity researchers are encouraged to join NVDP as verified participants. The onboarding process includes:

Submitting proof of competency, such as bug hunting experience, certifications, or CTF participation.
Completing identity verification to become an officially recognized NVDP researcher.
Gaining access to private programs tailored to your expertise and interests.

For Organizations:

Government and private sector organizations can collaborate with NVDP to safeguard their systems and infrastructure. By participating in the program, organizations will:

Gain access to a pool of top cybersecurity talent.
Receive detailed vulnerability reports and mitigation strategies.
Enhance their overall cybersecurity posture through proactive measures.

The NVDP welcomes cybersecurity professionals, ethical hackers, and organizations to join the National Vulnerability Disclosure Program (NVDP) for a safer Bangladesh.

Check Also

Financial Threat Assessment 2024
BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

Bangladesh Cyber Security Intelligence (BCSI) has published Financial Threat Assessment report for 2024. In an …

Leave a Reply

Your email address will not be published. Required fields are marked *