InfoSecBulletin Cybersecurity for mankind
The rising number of attacks targeting cryptocurrency businesses underscores the urgent requirement for enhanced security measures. Once, Mixin suffered a devastating loss of assets amounting to $200 million when it fell victim to a cyberattack targeting its cloud service provider.
National Student Clearinghouse recently experienced a troubling data breach that has affected numerous schools throughout the United States. Recently, the government of Bermuda fell victim to a cyberattack, which has been traced back to Russian threat actors.
US introduces Cyber Trust Mark for smart devices
By infosecbulletin
/ Thursday , January 9 2025
Launched in July 2023, the new US Cyber Trust Mark allows smart devices from participating vendors to showcase their cyber...
Read More
CISA warns of critical Oracle, Mitel flaws active exploitation
By infosecbulletin
/ Wednesday , January 8 2025
CISA has urgent warnings for organizations regarding three security flaws in Mitel and Oracle systems that are currently being exploited....
Read More
Best Cybersecurity Certifications for Your Career in 2025
By infosecbulletin
/ Wednesday , January 8 2025
Cybersecurity professionals serve as the first line of defense against hackers, hacktivists, and ransomware groups. To combat these cyber threats,...
Read More
CVE-2024-40766
48,000+ Vulnerable SonicWall Devices exposed to ransomware attack
By infosecbulletin
/ Tuesday , January 7 2025
Over 48,000 SonicWall devices are still vulnerable to a serious security flaw, putting organizations worldwide at risk of ransomware attacks....
Read More
India releases draft Digital Personal Data Protection Rules
By infosecbulletin
/ Monday , January 6 2025
On Friday, the Indian government released the draft Digital Personal Data Protection Rules, requiring social media and online platforms to...
Read More
Microsoft to invest $80 Billion in AI Data Center
By infosecbulletin
/ Monday , January 6 2025
Microsoft recently shared a vision for the future of American technology and economic competitiveness, highlighting Artificial Intelligence (AI) as central...
Read More
City Bank Customer financial reports posted dark market for sale
By infosecbulletin
/ Sunday , January 5 2025
According to Bangladesh Cyber Security Intelligence (BCSI) report, City Bank has been the victim of a cyber attack. The hacker...
Read More
3.3 Million Email Server Expose User Passwords and Messages in Plain Text
By infosecbulletin
/ Saturday , January 4 2025
Around 3.3 million servers are running POP3/IMAP email services without encryption (TLS) enabled, the Shadowserver Foundation, a nonprofit security organization,...
Read More
Memory-Dump-UEFI
Researcher dumping memory to bypass BitLocker on Windows 11
By infosecbulletin
/ Thursday , January 2 2025
Researchers have demonstrated a method to bypass Windows 11’s BitLocker encryption, enabling the extraction of Full Volume Encryption Keys (FVEKs)...
Read More
CVE-2024-49112
PoC Exploit Released for Zero-Click vulnerability in Windows
By infosecbulletin
/ Thursday , January 2 2025
SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical...
Read More
Here’s everything you need to know:
- Mixin, a cryptocurrency business based in Hong Kong, recently fell victim to a massive $200 million asset theft. This significant loss occurred when malicious threat actors targeted their cloud service provider, causing the temporary suspension of deposit and withdrawal services.
- A new TA866 campaign has been unveiled by researchers. This campaign strategically utilizes a fresh strain of Python malware in order to specifically target users who speak the Tatar language. This malware possesses the ability to capture screenshots and then effortlessly transmit them to a remote server through FTP.
- ESET has recently detected a novel backdoor malware, known as Deadglyph, that has been deployed in a sophisticated cyberespionage campaign against a government agency located in the Middle East. The malware has been linked to a UAE state-sponsored group named Stealth Falcon.
- A new attack campaign has been uncovered by Securonix Threat Research, targeting Ukraine’s military. This sophisticated operation, carried out by the notorious threat group UAC-0154, involves the use of malware-laced lure files disguised as UAV service manuals.
- Palo Alto Network’s Unit 42 published a new report on the Gelsemium APT group. They revealed that this group conducted a cyberespionage campaign against a Southeast Asian government. The campaign lasted for a impressive six-month period from 2022 to 2023.
