Tuesday , January 16 2024
Alert, Vulnerabilities
In a blog post BishopFox said, SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities with the potential for remote code execution. SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart and reported that no exploitation had been observed in the wild; …
Read More »
Friday , January 12 2024
Alert, International
CISA issued nine advisories about Industrial Control Systems (ICS) on January 11, 2024, to give timely information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-011-03 Rapid Software LLC Rapid SCADA ICSA-24-011-04 Horner Automation Cscape ICSA-24-011-05 Schneider Electric Easergy Studio ICSA-24-011-06 Siemens Teamcenter Visualization and JT2Go ICSA-24-011-07 Siemens Spectrum …
Read More »
Wednesday , January 10 2024
Alert, Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified six security vulnerabilities that are being actively exploited. These vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-27524 is a high-severity vulnerability in Apache Superset. It has a CVSS score of 8.9 and could allow remote code …
Read More »
Tuesday , January 2 2024
Alert, Cyber Attack, Data Breach, Hot Topic, International
Hudson Researchers reported that on December 20th, ‘irleaks’ claimed to have 160 million records from 23 top insurance companies in Iran for sale. The hacker says they have stolen data like names, birth dates, phone numbers, national codes, and more. They have shared a sample of the data and want …
Read More »
Thursday , December 14 2023
Alert, Bank, National
Bangladesh Bank’s Financial Intelligence Unit (BFIU) warned about the fraudulent activities of the MLM company ‘Onpassive‘. BFIU issued a warning on Thursday (December 14). ALSO READ: Quishing: New Phishing Attacks Tactics Rising The intelligence unit has reported that there have been cases of large-scale embezzlement from ordinary people through different …
Read More »
Thursday , November 23 2023
Alert, Bank, International, National, Uncategorized, Vulnerabilities
Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) proactively releases critical threat intelligence information to ensure the security of Bangladesh’s cyberspace. Following this, CIRT has recently identified critical vulnerabilities for critical information infrastructure (CII). CIRT published cyber alert for critical information infrastructure (CII) on Thursday (23 November). The report …
Read More »
Sunday , August 6 2023
Alert, Bank, Hot Topic, National
Bangladesh Bank alert on a cyber attack on 15 August to the bank and financial institutions. Sunday (6 July) Bangladesh Bank issued the alert. Taken the cyber threat by the threat actor as serious the alert read the following: ALSO READ: 15 August target possible big cyber attack in BD; …
Read More »
Friday , July 7 2023
Alert
CISA has released three Industrial Control Systems (ICS) advisories on July 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-23-187-01 PiiGAB M-Bus ICSA-23-187-02 ABUS TVIP …
Read More »
Friday , June 16 2023
Alert, Hot Topic, International
Three hacking groups, Killnet, Anonymous Sudan, and REvil, have threatened to launch a “destructive” attack against the European financial system, starting with the SWIFT international communications system. The attack is expected to take place within the next 48 hours. The groups are reportedly motivated by political reasons, as they are …
Read More »
Tuesday , June 13 2023
Alert, Hot Topic
A newly discovered multi-stage Adversary-in-the-Middle (AitM) phishing and BEC attack campaign has been targeting banking and financial organizations. According to Microsoft, the attack originated from a compromised trusted vendor and transitioned to a series of AitM and BEC attacks. During this period, the attackers abused the trusted relationship between vendors, …
Read More »
InfoSecBulletin Cybersecurity for mankind
