CISA Unveils advisories for Two Industrial Control Systems

CISA released two advisories about security issues for Industrial Control Systems (ICS) on July 25, 2024. These advisories offer important information about current vulnerabilities and exploits for ICS.

ICSA-24-207-01 Siemens SICAM Products:

• Alert
• Vulnerabilities

Eight New ICS Advisories released by CISA

By infosecbulletin / Saturday , December 21 2024

CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in...

Read More

• Cyber Attack
• Ransomware

Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI

By infosecbulletin / Friday , December 20 2024

Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...

Read More

• Data Breach

London-based company “Builder.ai” reportedly exposed 1.2 TB data

By infosecbulletin / Friday , December 20 2024

Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...

Read More

• Alert
• Vulnerabilities

(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall

By infosecbulletin / Friday , December 20 2024

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...

Read More

• Event
• National

“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

By infosecbulletin / Thursday , December 19 2024

A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...

Read More

• Alert
• Vulnerabilities

CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability

By infosecbulletin / Thursday , December 19 2024

Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...

Read More

• Hot Topic
• International

U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports

By infosecbulletin / Wednesday , December 18 2024

The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...

Read More

• Daily Security Update

Daily Security Update Dated: 18.12.2024

By infosecbulletin / Wednesday , December 18 2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...

Read More

• Uncategorized

CISA released best practices to secure Microsoft 365 Cloud environments

By infosecbulletin / Wednesday , December 18 2024

CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365...

Read More

• Uncategorized

Data breach! Ireland fines Meta $264 million, Australia $50m

By infosecbulletin / Wednesday , December 18 2024

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach...

Read More

Successful exploitation of these vulnerabilities could allow an attacker to perform an unauthorized password reset which could lead to privilege escalation and potential leak of information.

ICSA-24-207-02 Positron Broadcast Signal Processor: 

Successful exploitation of this vulnerability could allow an attacker to bypass authentication and access unauthorized protected areas of the application.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.