The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified six security vulnerabilities that are being actively exploited. These vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-27524 is a high-severity vulnerability in Apache Superset. It has a CVSS score of 8.9 and could allow remote code …
Read More »
Hudson Researchers reported that on December 20th, ‘irleaks’ claimed to have 160 million records from 23 top insurance companies in Iran for sale. The hacker says they have stolen data like names, birth dates, phone numbers, national codes, and more. They have shared a sample of the data and want …
Read More »
Bangladesh Bank’s Financial Intelligence Unit (BFIU) warned about the fraudulent activities of the MLM company ‘Onpassive‘. BFIU issued a warning on Thursday (December 14). ALSO READ: Quishing: New Phishing Attacks Tactics Rising The intelligence unit has reported that there have been cases of large-scale embezzlement from ordinary people through different …
Read More »
Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) proactively releases critical threat intelligence information to ensure the security of Bangladesh’s cyberspace. Following this, CIRT has recently identified critical vulnerabilities for critical information infrastructure (CII). CIRT published cyber alert for critical information infrastructure (CII) on Thursday (23 November). The report …
Read More »
Bangladesh Bank alert on a cyber attack on 15 August to the bank and financial institutions. Sunday (6 July) Bangladesh Bank issued the alert. Taken the cyber threat by the threat actor as serious the alert read the following: ALSO READ: 15 August target possible big cyber attack in BD; …
Read More »
CISA has released three Industrial Control Systems (ICS) advisories on July 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-23-187-01 PiiGAB M-Bus ICSA-23-187-02 ABUS TVIP …
Read More »
Three hacking groups, Killnet, Anonymous Sudan, and REvil, have threatened to launch a “destructive” attack against the European financial system, starting with the SWIFT international communications system. The attack is expected to take place within the next 48 hours. The groups are reportedly motivated by political reasons, as they are …
Read More »
A newly discovered multi-stage Adversary-in-the-Middle (AitM) phishing and BEC attack campaign has been targeting banking and financial organizations. According to Microsoft, the attack originated from a compromised trusted vendor and transitioned to a series of AitM and BEC attacks. During this period, the attackers abused the trusted relationship between vendors, …
Read More »
Google on Monday released security updates to patch a high-severity vulnerability in its Chrome web browser. The vulnerability, known as CVE-2023-3079, is a type confusion bug in the V8 JavaScript engine. It has been reported that this vulnerability is being actively exploited in the wild. The update is available for …
Read More »
Vixen Panda APT Group suspected of targeting foreign ministry in cyberattack A Chinese hacker group, Vixen Panda, is suspected of targeting the Foreign Ministry in a recent cyberattack. As per a new report by Euractiv, the hackers showed a keen interest in policy documents. German Arms Manufacturer Rheinmetall Targeted in …
Read More »
InfoSecBulletin Cybersecurity for mankind