CISA reveals 2 Industrial Control Systems Advisories

On October 1, 2024, CISA released two advisories regarding Industrial Control Systems (ICS), highlighting current security issues, vulnerabilities, and exploits in the field.

ICSA-24-275-01 Optigo Networks ONS-S8 Spectra Aggregation Switch:

• Cyber Attack
• Ransomware

Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI

By infosecbulletin / Friday , December 20 2024

Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...

Read More

• Data Breach

London-based company “Builder.ai” reportedly exposed 1.2 TB data

By infosecbulletin / Friday , December 20 2024

Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...

Read More

• Alert
• Vulnerabilities

(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall

By infosecbulletin / Friday , December 20 2024

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...

Read More

• Event
• National

“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

By infosecbulletin / Thursday , December 19 2024

A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...

Read More

• Alert
• Vulnerabilities

CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability

By infosecbulletin / Thursday , December 19 2024

Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...

Read More

• Hot Topic
• International

U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports

By infosecbulletin / Wednesday , December 18 2024

The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...

Read More

• Daily Security Update

Daily Security Update Dated: 18.12.2024

By infosecbulletin / Wednesday , December 18 2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...

Read More

• Uncategorized

CISA released best practices to secure Microsoft 365 Cloud environments

By infosecbulletin / Wednesday , December 18 2024

CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365...

Read More

• Uncategorized

Data breach! Ireland fines Meta $264 million, Australia $50m

By infosecbulletin / Wednesday , December 18 2024

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach...

Read More

• Cyber Attack
• Vulnerabilities

Over 25K SonicWall VPN Firewalls exposed to critical flaws

By infosecbulletin / Wednesday , December 18 2024

More than 25,000 SonicWall SSL VPN devices are vulnerable to critical flaws, with 20,000 running outdated SonicOS/OSX firmware that is...

Read More

Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, arbitrary file upload, or bypass authentication.

ICSA-24-275-02 Mitsubishi Electric MELSEC iQ-F FX5-OPC:

Successful exploitation of this vulnerability could allow a remote attacker to cause a Denial-of-Service (DoS) condition on the product by getting a legitimate user to import a specially crafted PKCS#12 format certificate.

CISA advises users and administrators to check the latest ICS advisories for technical information and mitigations.