InfoSecBulletin Cybersecurity for mankind

Microsoft will assign Common Vulnerabilities and Exposures (CVE) numbers to important vulnerabilities found and fixed in their cloud services. This improves transparency and security by publicly disclosing vulnerabilities that can be fixed without user intervention. Microsoft’s decision to assign CVE numbers to cloud service vulnerabilities, regardless of whether customer action …

Indonesia’s temporary National Data Center (PDN) was attacked by ransomware last Thursday, leading to delays in airport immigration services and new student registration. The hackers are asking for an $8 million ransom, about Rp 131 billion, to give back the stolen data. The ransomware used in this incident is “Brain …

FortiGuard Labs found an attack that uses the CVE-2021-40444 vulnerability in Microsoft Office. This flaw lets attackers run harmful code through specific documents. The attack deployed a spyware called “MerkSpy” which secretly watches user activities, collects sensitive information, and stays on compromised systems. The attack starts with a harmless-looking Microsoft …