InfoSecBulletin Cybersecurity for mankind
The Cyber Threat Intelligence Unit at BGD e-GOV CIRT has noticed an increase in cyber-attacks on organizations. These attacks are aimed at compromising third-party service providers. Several organizations in Bangladesh have experienced data breaches.
Some individuals employed by third party service providers, tasked with offering technical support to various client organizations, have been targeted by information-stealing malware.
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
GitLab Releases Security Update For Multiple Vulns
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
The malware stole important data like system information, browser cookies, and user account credentials. Then, the hackers used this stolen data to get into the client organizations’ networks without permission. The attack got worse quickly, as the hackers used advanced techniques to gain more access to important assets and move around within the compromised organization.
BGD e-GOV CIRT issues this alert to all organizations in Bangladesh, warning about the significant risks stemming from compromises at third-party service providers. CIRT strongly encouraged organizations to take proactive steps to protect their assets from potential attacks.
CIRT instructs some the preventive measures to follow for attack risks originating from third party service
providers:
1. Clearly define access control policies for third-party employees.
2. Limit network access to specific segments required for their tasks.
3. Use VPN with strict access policies.
4. Provide regular phishing awareness training.
5. Enforce device security policies.
6. Use temporary credentials with limited validity.
7. Monitor and audit their activities.
8. Establish an incident response plan.
9. Include security requirements in contractual agreements and CIRT mention to their cyber threat alert that organization to report any incidents to BGD e-GOV CIRT at [email protected].
