Thursday , April 24 2025
NVDP

BCSI officially announce National Vulnerability Disclosure Program (NVDP)

Bangladesh Cyber Security Intelligence (BCSI) officially launch the National Vulnerability Disclosure Program (NVDP) to enhance the country’s cybersecurity. This initiative aims to create a secure platform for ethical hackers, researchers, and organizations to work together in identifying and addressing vulnerabilities that threaten government systems, critical infrastructure, and private sector entities.

NVDP aims to leverage the skills of top cybersecurity professionals in the country. It promotes responsible vulnerability disclosure to address potential threats proactively and effectively.

SonicWall patched SSLVPN Vuln Allowing Firewall Crashing

SonicWall has revealed a vulnerability in its SonicOS SSLVPN Virtual Office interface that could let remote attackers crash firewall appliances....
Read More
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing

GitLab Releases Security Update For Multiple Vulns

GitLab has announced a security advisory urging users to upgrade their self-managed installations right away. Versions 17.11.1, 17.10.5, and 17.9.7...
Read More
GitLab Releases Security Update For Multiple Vulns

ISPAB president “whatsapp” got hacked via phishing link

Imdadul Haque, the president of Internet Service Provider of Bangladesh (ISPAB) said, I automatically got back my WhatsApp account. What...
Read More
ISPAB president “whatsapp” got hacked via phishing link

Zyxel released patches 2 vulns in its USG FLEX H series firewalls

Zyxel Networks has issued critical security patches for two high-severity vulnerabilities in its USG FLEX H series firewalls. These flaws...
Read More
Zyxel released patches 2 vulns in its USG FLEX H series firewalls

South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked

South Korea's largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related...
Read More
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked

ChatGPT Develops Exploit for CVEs Before Public PoCs Share

Security researcher Matt Keeley showed that artificial intelligence can now develop working exploits for critical vulnerabilities before public proof-of-concept (PoC)...
Read More
ChatGPT Develops Exploit for CVEs Before Public PoCs Share

TP-Link Router Vulns Allow to Execute Malicious SQL Commands

Several vulnerabilities have been found in TP-Link routers, exposing users to serious security risks from SQL injection flaws in their...
Read More
TP-Link Router Vulns Allow to Execute Malicious SQL Commands

SSL.com’s domain validation system’s bug found: Hacker exploited

SSL.com has revealed a major security flaw in its domain validation system, which could enable attackers to acquire fake SSL...
Read More
SSL.com’s domain validation system’s bug found: Hacker exploited

Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals

Amazon has paused some data center lease negotiations for its cloud division, particularly in international markets, according to Wells Fargo...
Read More
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals

Hackers Exploit Zoom’s Remote Control Feature for System Access

ELUSIVE COMET is a threat actor conducting a sophisticated attack campaign that uses Zoom's remote control feature to access victims'...
Read More
Hackers Exploit Zoom’s Remote Control Feature for System Access

Key objectives of the program include:

Strengthening National Cybersecurity: Creating a clear way to find and fix weaknesses in critical systems before they can be used.

Empowering Ethical Hackers: Providing a platform for Bangladesh’s best cybersecurity experts to help protect the nation while receiving acknowledgment and rewards for their work.

Protecting Critical Sectors: Working with financial institutions, critical infrastructure organizations, and government agencies to protect them from new threats.

Fostering Public-Private Collaboration: Working together with government and private sectors to improve cybersecurity in Bangladesh.

Key Features of NVDP:

The NVDP is built on the principles of transparency, integrity, and security, and is guided by the following core features:

Verified Researcher Participation: Only verified cybersecurity researchers will have access to the NVDP platform, ensuring all participants uphold high standards of professionalism and ethics.

Confidentiality and Safe Harbor: Researchers’ identities and vulnerability reports are kept private, and the program offers protection for researchers to report vulnerabilities without fear of punishment.

Structured Agreements: Organizations sign detailed agreements that explain the program’s purpose, safety rules, and behavior guidelines, promoting a collaborative and legally secure environment.

Controlled Access to Programs: NVDP invites only qualified researchers to participate in specific programs based on their expertise and the sensitivity of the target scope.

Empowering Cybersecurity Talent:

NVDP enhances vulnerability disclosure by emphasizing talent development and capacity building. It identifies and empowers leading cybersecurity professionals in Bangladesh, providing them with valuable opportunities.

Secure National Assets: Protect government and private systems, like banks and essential services.

Earn Recognition and Rewards: Earn financial rewards, recognition, and career growth for contributions.

Build Expertise: Access exclusive programs and challenges to improve cybersecurity skills and knowledge.

By fostering a community of skilled professionals, NVDP aims to establish Bangladesh as a global leader in cybersecurity talent and innovation.

How to Get Involved:

For Researchers:

Ethical hackers and cybersecurity researchers are encouraged to join NVDP as verified participants. The onboarding process includes:

Submitting proof of competency, such as bug hunting experience, certifications, or CTF participation.
Completing identity verification to become an officially recognized NVDP researcher.
Gaining access to private programs tailored to your expertise and interests.

For Organizations:

Government and private sector organizations can collaborate with NVDP to safeguard their systems and infrastructure. By participating in the program, organizations will:

Gain access to a pool of top cybersecurity talent.
Receive detailed vulnerability reports and mitigation strategies.
Enhance their overall cybersecurity posture through proactive measures.

The NVDP welcomes cybersecurity professionals, ethical hackers, and organizations to join the National Vulnerability Disclosure Program (NVDP) for a safer Bangladesh.

Check Also

“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

A time-demanding workshop on “Cybersecurity Awareness and Needs Analysis” was held on Thursday (December 19) …

Leave a Reply

Your email address will not be published. Required fields are marked *