Wednesday , February 19 2025
NVDP

BCSI officially announce National Vulnerability Disclosure Program (NVDP)

Bangladesh Cyber Security Intelligence (BCSI) officially launch the National Vulnerability Disclosure Program (NVDP) to enhance the country’s cybersecurity. This initiative aims to create a secure platform for ethical hackers, researchers, and organizations to work together in identifying and addressing vulnerabilities that threaten government systems, critical infrastructure, and private sector entities.

NVDP aims to leverage the skills of top cybersecurity professionals in the country. It promotes responsible vulnerability disclosure to address potential threats proactively and effectively.

150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain

Indian government and educational websites, along with reputable financial brands, have experienced SEO poisoning, causing user traffic to be redirected...
Read More
150 Gov.t Portal affected  Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain

CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

The Cyber Threat Intelligence Unit of BGD e-GOV CIRT has found 600 vulnerable PRTG instances in Bangladesh, affected by the...
Read More
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru

Amazon Web Services (AWS) has been named in an FIR after a builder claimed damages to the tune of Rs...
Read More
Builder claims Rs 150 cr for data loss;  AWS faces FIR In Bengaluru

CISA Warns Active Exploitation of Apple iOS Security Flaw

CISA has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, known as CVE-2025-24200, which...
Read More
CISA Warns Active Exploitation of Apple iOS Security Flaw

Massive IoT Data Breach Exposes 2.7 Billion Records

A major IoT data breach has exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device IDs....
Read More
Massive IoT Data Breach Exposes 2.7 Billion Records

SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild

A serious authentication bypass vulnerability in SonicWall firewalls, called CVE-2024-53704, is currently being exploited, according to cybersecurity firms. The increase...
Read More
SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild

AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

AMD has released security patches for two high-severity vulnerabilities in its System Management Mode (SMM). If exploited, these could let...
Read More
AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

Lazarus Group Unleashes New Malware Against Developers Worldwide

Lazarus Group has initiated a complex global campaign aimed at software developers and cryptocurrency users. Operation Marstech Mayhem uses the...
Read More
Lazarus Group Unleashes New Malware Against Developers Worldwide

Daily Security Update Dated : 15.02.2025

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated : 15.02.2025

Salt Typhoon to target Bangladeshi Universities, One identified

RedMike (Salt Typhoon) targeted university devices in Bangladesh, likely to access research in telecommunications, engineering, and technology, especially from institutions...
Read More
Salt Typhoon to target Bangladeshi Universities, One identified

Key objectives of the program include:

Strengthening National Cybersecurity: Creating a clear way to find and fix weaknesses in critical systems before they can be used.

Empowering Ethical Hackers: Providing a platform for Bangladesh’s best cybersecurity experts to help protect the nation while receiving acknowledgment and rewards for their work.

Protecting Critical Sectors: Working with financial institutions, critical infrastructure organizations, and government agencies to protect them from new threats.

Fostering Public-Private Collaboration: Working together with government and private sectors to improve cybersecurity in Bangladesh.

Key Features of NVDP:

The NVDP is built on the principles of transparency, integrity, and security, and is guided by the following core features:

Verified Researcher Participation: Only verified cybersecurity researchers will have access to the NVDP platform, ensuring all participants uphold high standards of professionalism and ethics.

Confidentiality and Safe Harbor: Researchers’ identities and vulnerability reports are kept private, and the program offers protection for researchers to report vulnerabilities without fear of punishment.

Structured Agreements: Organizations sign detailed agreements that explain the program’s purpose, safety rules, and behavior guidelines, promoting a collaborative and legally secure environment.

Controlled Access to Programs: NVDP invites only qualified researchers to participate in specific programs based on their expertise and the sensitivity of the target scope.

Empowering Cybersecurity Talent:

NVDP enhances vulnerability disclosure by emphasizing talent development and capacity building. It identifies and empowers leading cybersecurity professionals in Bangladesh, providing them with valuable opportunities.

Secure National Assets: Protect government and private systems, like banks and essential services.

Earn Recognition and Rewards: Earn financial rewards, recognition, and career growth for contributions.

Build Expertise: Access exclusive programs and challenges to improve cybersecurity skills and knowledge.

By fostering a community of skilled professionals, NVDP aims to establish Bangladesh as a global leader in cybersecurity talent and innovation.

How to Get Involved:

For Researchers:

Ethical hackers and cybersecurity researchers are encouraged to join NVDP as verified participants. The onboarding process includes:

Submitting proof of competency, such as bug hunting experience, certifications, or CTF participation.
Completing identity verification to become an officially recognized NVDP researcher.
Gaining access to private programs tailored to your expertise and interests.

For Organizations:

Government and private sector organizations can collaborate with NVDP to safeguard their systems and infrastructure. By participating in the program, organizations will:

Gain access to a pool of top cybersecurity talent.
Receive detailed vulnerability reports and mitigation strategies.
Enhance their overall cybersecurity posture through proactive measures.

The NVDP welcomes cybersecurity professionals, ethical hackers, and organizations to join the National Vulnerability Disclosure Program (NVDP) for a safer Bangladesh.

Check Also

Deepfake

Meta fails to detect
9 Deepfake videos identified of Dr. Md. Yunus and Shakib Khan

Dr. Md. Yunus, the chief advisor to the interim government of Bangladesh, is the victim …

Leave a Reply

Your email address will not be published. Required fields are marked *