InfoSecBulletin Cybersecurity for mankind
A new technique for launching distributed denial of service (DDoS) attacks has been discovered. It is identified as CVE-2023-44487 and has a high severity rating of 7.5. In addition, this vulnerability has been known to be actively exploited by threat actors in the wild.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
CVE-2023-44487: HTTP/2 Rapid Reset
A threat actor could exploit this vulnerability by leveraging an HTTP/2 weakness, causing a Distributed Denial of Service on vulnerable Cisco devices.
HTTP/2 rapid reset is a type of attack that uses the efficiency of the HTTP/2 protocol to launch a DDoS attack.
A threat actor can make the client open many simultaneous streams on one TCP connection, with each stream corresponding to an HTTP request.
Click here to read the full article.
BD CIRT published CVE of f5, Apache, Juniper, Citrix and Atlassian
