CISA Released Two Industrial Control Systems Advisories

CISA released two advisories on February 6, 2024. They contain important information about security issues, vulnerabilities, and exploits related to Industrial Control Systems (ICS).

ICSA-24-037-01 HID Global Encoders: Successful exploitation of this vulnerability could allow an attacker to read data from reader configuration cards and credentials. Reader configuration cards contain credential and device administration keys which could be used to create malicious configuration cards or credentials.

• Alert
• Vulnerabilities

Eight New ICS Advisories released by CISA

By infosecbulletin / Saturday , December 21 2024

CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in...

Read More

• Cyber Attack
• Ransomware

Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI

By infosecbulletin / Friday , December 20 2024

Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...

Read More

• Data Breach

London-based company “Builder.ai” reportedly exposed 1.2 TB data

By infosecbulletin / Friday , December 20 2024

Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...

Read More

• Alert
• Vulnerabilities

(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall

By infosecbulletin / Friday , December 20 2024

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...

Read More

• Event
• National

“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

By infosecbulletin / Thursday , December 19 2024

A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...

Read More

• Alert
• Vulnerabilities

CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability

By infosecbulletin / Thursday , December 19 2024

Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...

Read More

• Hot Topic
• International

U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports

By infosecbulletin / Wednesday , December 18 2024

The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...

Read More

• Daily Security Update

Daily Security Update Dated: 18.12.2024

By infosecbulletin / Wednesday , December 18 2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...

Read More

• Uncategorized

CISA released best practices to secure Microsoft 365 Cloud environments

By infosecbulletin / Wednesday , December 18 2024

CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365...

Read More

• Uncategorized

Data breach! Ireland fines Meta $264 million, Australia $50m

By infosecbulletin / Wednesday , December 18 2024

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach...

Read More

ICSA-24-037-02 HID Global Reader Configuration Cards: Successful exploitation of this vulnerability could allow an attacker to read the credential and device administration keys from a configuration card. Those keys could be used to create malicious configuration cards or credentials.

Review the new ICS advisories released by CISA for technical details and mitigation recommendations.