National

bdNOG 20th conference successfully held in Sylhet with huge number of participations from home and abroad. The 4 days conference include technical session, keynote speech Q&A and so on Co-hosted by Internet service provider of Bangladesh (ISPAB). On the title “Optimizing DNS Performance in Kubernetes: Challenges and Best Practices” Md …

A new Android banking Trojan called Herodotus has emerged recently. It is offered as Malware-as-a-Service (MaaS) and pretends to be a legitimate app to trick users into installing an APK. After installation, it requests sensitive permissions and can control the device for banking transactions. A modern mobile attack, yet once …

BIND9 DNA Cache poisoning impact 267 IPs in Bangladesh via CVE: 2025-40778. The high severity flaw can allow remote attackers to inject forged DNS records into resolver caches. BGD e-GOV CIRT published an advisory stating all organizations operating BIND 9 resolvers in Bangladesh (ISPs, data centers, government, enterprises) must upgrade …

The government and Bangladesh Telecommunication Regulatory Commission (BTRC) have received credible information that some companies of Bangladesh Internet Service Providing (ISP) sector are trying to destroy the networks and businesses of rival ISPs through DDoS (Distributed Denial of Service) attacks organized from abroad according to Faiz Ahmad Taiyeb adviser (Ministry …

Trellix Advanced Research Center (ARC) found a campaign targeting a European embassy in New Delhi, India. Further investigation uncovered multiple targeted institutions across Sri Lanka, Pakistan, and Bangladesh. This report analyzes the tactics used by SideWinder, an APT group known for espionage in Asia. The investigation shows that SideWinder has …

Bangladesh cyber security watchdog BGD e-GOV CIRT published an advisory (27.10.2025) regarding critical romote code execution vulnarability in Microsoft WSUS CVSS score 9.8 as per NVD, NIST. CIRT has detected a serious security flaw in Microsoft’s WSUS that could let an attacker fully control a WSUS server. This vulnerability not …

Mysterious Elephant is an active APT group identified by Kaspersky GReAT in 2023. It continually evolves its tactics to avoid detection. The group’s recent campaign, starting in early 2025, shows a notable change in their tactics, focusing more on new custom tools and open-source tools like BabShell and MemLoader. The …

Prime Bank PLC is leading the way in enhancing digital security in Bangladesh’s Banking, Financial Services, and Insurance (BFSI) sector by implementing DNS Security Extensions (DNSSEC) for its .com.bd domain. Prime Bank is the first bank in .com.bd to implement DNSSEC, showcasing its commitment to taking proactive cybersecurity measures. As …

A special alert has been issued at all international and domestic airports in Bangladesh due to the threat of cyber attacks. At the same time, 10 special instructions have been given to the airports. A letter of this instruction, signed by Air Commodore Abu Sayeed Mehboob Khan, Member (Planning and …

An organised racket has reportedly siphoned off lakhs from Standard Chartered Bangladesh’s (SCB) credit card holders, raising serious cybersecurity concerns. According to a Bangladesh Bank source, a total of Tk27 lakh was siphoned from the credit cards of 54 customers of Standard Chartered Bangladesh during the last week of August. …