Monday , January 20 2025

Uncategorized

Microsoft January 2025 Patch, 159 Vuls, 10 Critical RCE’s

Microsoft’s January Patch Tuesday update fixed 159 vulnerabilities, including 10 critical Remote Code Execution (RCE) issues. These updates are essential for protecting Windows and related software from exploitation. Key Highlights of December 2024 Patch Tuesday Updates: CVE-2025-21362 & CVE-2025-21354: Both issues are vulnerabilities in Microsoft Excel that allow remote code …

Read More »

CVE-2023-37936
Fortinet released update for a critical cryptographic key vuln

cryptographic key

Fortinet released security patches for a critical vulnerability (CVE-2023-37936) involving a hard-coded cryptographic key. This flaw lets remote, unauthorized attackers use the key to execute unauthorized code through specially crafted cryptographic requests. The use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through …

Read More »

Emerging Phishing Threat in Bangladesh’s Cyber Space

BGD e-GOV CIRT report highlights a recent surge in phishing attacks targeting Bangladeshi government organizations, law enforcement, and educational institutions. These attacks aim to steal sensitive information by impersonating official entities and using malicious attachments and links. Key details include: Target Sectors: Government organizations Law enforcement agencies Educational institutions Phishing …

Read More »

Alert! Fake Crowdstrike Recruitment Emails Spread XMRig cryptominer

XMRig

In a sophisticated phishing campaign, uncovered cybercriminals are exploiting CrowdStrike’s recruitment branding to target developers and deploy the XMRig cryptominer. This scam uses fake job offers to trick victims into downloading harmful software disguised as an “employee CRM application.” The attack starts with a phishing email pretending to be from …

Read More »

Palo Alto Networks Expedition Tool Vuln Lead to Exposure of Firewall Credentials

Expedition

Palo Alto Networks released a security advisory about vulnerabilities in its Expedition migration tool that could expose sensitive data and enable unauthorized actions on affected systems. Expedition, formerly the Migration Tool, is a free tool that helps users migrate to the Palo Alto Networks NGFW platform and provides a temporary …

Read More »

Best Cybersecurity Certifications for Your Career in 2025

Cybersecurity

Cybersecurity professionals serve as the first line of defense against hackers, hacktivists, and ransomware groups. To combat these cyber threats, there is an ever-growing need for skilled individuals who can effectively identify and mitigate cyber risks. As we enter 2025, both aspiring cybersecurity experts and seasoned professionals must stay informed …

Read More »