InfoSecBulletin Cybersecurity for mankind
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world.
Spend a bit time to read out todays update:
3.3 Million Email Server Expose User Passwords and Messages in Plain Text
By infosecbulletin
/ Saturday , January 4 2025
Around 3.3 million servers are running POP3/IMAP email services without encryption (TLS) enabled, the Shadowserver Foundation, a nonprofit security organization,...
Read More
Memory-Dump-UEFI
Researcher dumping memory to bypass BitLocker on Windows 11
By infosecbulletin
/ Thursday , January 2 2025
Researchers have demonstrated a method to bypass Windows 11’s BitLocker encryption, enabling the extraction of Full Volume Encryption Keys (FVEKs)...
Read More
CVE-2024-49112
PoC Exploit Released for Zero-Click vulnerability in Windows
By infosecbulletin
/ Thursday , January 2 2025
SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical...
Read More
Financial Threat Assessment 2024
BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack
By infosecbulletin
/ Tuesday , December 31 2024
Bangladesh Cyber Security Intelligence (BCSI) has published Financial Threat Assessment report for 2024. In an era where financial institutions and...
Read More
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster
By infosecbulletin
/ Tuesday , December 31 2024
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could...
Read More
US Treasury says it was hacked by China via third party: Beijing denies
By infosecbulletin
/ Tuesday , December 31 2024
The US Treasury Department said on Monday that Chinese-linked hackers were able to gain access to ‘unclassified documents’ after compromising...
Read More
PoC Exploited Released for Oracle Weblogic Server Vul
By infosecbulletin
/ Monday , December 30 2024
Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic...
Read More
Microsoft warn dev urgently to update .NET installer link
By infosecbulletin
/ Monday , December 30 2024
Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains...
Read More
Look back; The Worst Hacks of 2024
By infosecbulletin
/ Monday , December 30 2024
In 2024, digital security experienced major breaches as cybercriminals and state-backed groups exploited vulnerabilities for large-scale attacks. These incidents were...
Read More
HIPAA to be updated with new cybersecurity regulations, White House
By infosecbulletin
/ Sunday , December 29 2024
Proposed new cybersecurity rules for healthcare institutions will focus on how they protect user data under HIPAA, as stated by...
Read More
Volunteer hackers dive into America’s leaky water infrastructure (Source: The Register)
Starbucks Wrestles With Ransomware Attack on Software Supplier (Source: The Wall Street Journal)
UK hospital suffers cyber incident, systems down (Source: ECHO)
New York fines Geico $9.8 million over data breach (Source: Reuters)
