Daily Cybersecurity update, November 03

*About 5,000 Okta employees had their data accessed during a third-party data breach on October 12. The breach involved stolen information, including names, Social Security numbers, and medical insurance details of both current and former employees.

*The AP News website was down because of a DDoS attack. Only some pages and story links didn’t load, but the delivery to customers and mobile apps worked fine.

• Hot Topic
• International

FBI seized BreachForums, including telegram channel

By infosecbulletin / Wednesday , May 15 2024

FBI has seized hacking forum "BreachForums" popularly known as a Breached hacking forum in the underground market on Wednesday morning...

Read More

• Cyber Attack
• National
• Ransomware

Kaspersky report
Bangladesh faces over 34,000 ransomware attacks

By infosecbulletin / Wednesday , May 15 2024

Antivirus manufacturer Kaspersky inform that it has detected over 34,000 ransomware attacks targeting various organizations in Bangladesh from January to...

Read More

• Vulnerabilities

FortiOS & FortiProxy SSL-VPN Flaw Allows IP Spoofing

By infosecbulletin / Wednesday , May 15 2024

A vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw is identified as FG-23-225 which allows...

Read More

• Ransomware

Ransomware Activities this week: Threatmon report

By infosecbulletin / Wednesday , May 15 2024

According to the Threatmon advanced threat monitoring platform, LockBit is in the top position in the category of top active...

Read More

• International

ALERT
CISA Releases Four Industrial Control Systems Advisories

By infosecbulletin / Wednesday , May 15 2024

On Tuesday (May 14), CISA released four Industrial Control Systems (ICS) advisories which provide timely information about current security issues,...

Read More

• Vulnerabilities

Microsoft May 2024 Patch Tuesday fixes 61 flaws 2 zero-days

By infosecbulletin / Wednesday , May 15 2024

Microsoft patched May 2024 Tuesday including updates for 61 flaws and three publicly disclosed zero days. This update fixed Microsoft...

Read More

• National

Newly circulated reserve theft is false: Bangladesh Bank

By infosecbulletin / Tuesday , May 14 2024

On Tuesday (14.05.2024) Bangladesh Bank spokesperson Majbaul Haque said to media that the information published in the report is completely...

Read More

• Bank
• National

Bangladesh bank published CBS guideline Version 2.0

By infosecbulletin / Monday , May 13 2024

The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and...

Read More

• International
• Vulnerabilities

Fortinet report
Attackers exploiting vulnerabilities 50% faster, just 4.76 days

By infosecbulletin / Monday , May 13 2024

Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its...

Read More

• Cyber Attack

TechCrunch report
Indian gov.t sites compromised to plant online betting ads

By infosecbulletin / Sunday , May 12 2024

Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found...

Read More

*MITRE has released version 14 of the ATT&CK framework. It includes improvements to detections and ICS and mobile matrices. The new version covers a total of 760 software, 143 activity groups, and 24 campaigns in enterprise, mobile, and ICS matrices.

*48 malicious packages were found in the npm repository. These packages can deploy a reverse shell on compromised systems. They used legitimate names to deceive users.