RansomHub targets Bangladeshi Confidence group of companies limited. The rapidly growing RansomHub ransomware group set time to release the data. The time remaining 4 days to release while publishing the report. According to the RansomHub ransomware group post, they are going to publish 350GB of confidence group data after the …
Read More »
OpenAI has neutralized over 20 malicious cyber operations using its AI chatbot, ChatGPT, for creating malware, spreading misinformation, avoiding detection, and spear-phishing. The report confirms that since the start of the year, generative AI tools are being used to improve offensive cyber operations. OpenAI’s latest report reveals that Chinese and …
Read More »
The Cyber Threat Intelligence (CTI) Unit at BGD e-GOV CIRT has discovered a malware campaign involving the Lumma Stealer family. They’ve found that various types of stealer malware are being spread using similar methods. CIRT is monitoring stealer malware campaigns and has found malware that steals sensitive information. Recently, the …
Read More »
National Attack Surface (NAS) report for the first half of 2024 reveals that 56.6% of cyberattacks in Bangladesh targeted educational institutions, indicating a serious lack of maintenance and updates for school websites, making them highly vulnerable. During this period, 32.4% of attacks targeted government websites, revealing significant security flaws. The …
Read More »
A new ransomware campaign is targeting individuals and organizations in the UK and US. The “Prince Ransomware” attack uses a phishing scam that pretends to be from the British postal service, Royal Mail. The Attack Methodology: Researchers at Proofpoint noticed the Prince Ransomware campaign in mid-September. The attack method is …
Read More »
In September, cybersecurity experts discovered 31 new ransomware variants that threaten individuals and businesses. These programs encrypt valuable data, making it inaccessible, and demand high ransoms for decryption keys. This not only risks personal and sensitive information but also creates significant financial burdens for victims. Ownerd SHA-256: 519a765a3341b03a035d158605eef4620e1094f0e3d1e7be1d1ac4750f2a0552 Extensions: .ownerd …
Read More »
CISA warns of two serious vulnerabilities in Optigo Networks ONS-S8 Aggregation Switches, which could allow authentication bypass and remote code execution in critical infrastructure. The flaws involve weak authentication, allowing users to bypass password requirements, and issues with validating user input, which could lead to remote code execution, arbitrary file …
Read More »
DataDog security researchers found that hackers are widely exploiting Docker Swarm, Kubernetes, and SSH servers. The newly discovered malware campaign focuses on “Docker” and “Kubernetes” environments and uses “Docker API” endpoint vulnerabilities as the ‘initial access vector.’ Hackers Exploiting Servers in Large Scale: The hackers install “cryptocurrency mining software” on …
Read More »
Microsoft cybersecurity researchers found that the “Storm-0501” ransomware group is targeting hybrid cloud environments. Storm-0501 Attacking Cloud Environments: Storm-0501 is a ‘financially motivated’ threat group that has launched a sophisticated ‘multi-stage attack’ targeting “hybrid cloud environments” across various ‘U.S. sectors’ and ‘critical infrastructure.’ The group exploited vulnerabilities in Zoho ManageEngine, …
Read More »
A threat actor likely operating out of India is relying on various cloud services to conduct cyberattacks against energy, defense, government, telecommunications, and technology entities of Bangladesh, Cloudflare reports. Tracked as SloppyLemming, this group is linked to Outrider Tiger, a threat actor associated with India, previously Crowdstrike said, that uses …
Read More »
InfoSecBulletin Cybersecurity for mankind