Saturday , April 19 2025

SQL database of Bangladesh RTHD’s Training Data compromised

infosecbulletin Tuesday , July 30 2024 Cyber Attack, National

Bangladesh Road Transport and Highways Division (RTHD) experienced a data breach recently. An attacker, who goes by the alias “frog,” successfully accessed the SQL data of RTHD’s Road and Road Training Department. The breach was discovered earlier this week and is being analyzed by the expert team at Bangladesh Cyber Security Intelligence (BCSI).

According to the BCSI report, they are still determining the full extent of the breach. Initial findings indicate that sensitive information about road transport and training records may have been accessed and possibly taken. The compromised SQL database is thought to hold important data that could be misused if it falls into the wrong hands.

CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers

By infosecbulletin / Friday , April 18 2025
Hackers can exploit a vulnerability in Asus routers to execute unauthorized functions. This serious issue, rated 9.2 out of 10,...
Read More
CVE-2025-2492 ASUS warns of critical auth bypass flaw in routers

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

By infosecbulletin / Friday , April 18 2025
According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

By infosecbulletin / Friday , April 18 2025
A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

CISA warns of increasing risk tied to Oracle legacy Cloud leak

By infosecbulletin / Thursday , April 17 2025
On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CISA warns of increasing risk tied to Oracle legacy Cloud leak

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

By infosecbulletin / Thursday , April 17 2025
Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
CVE-2025-20236 Cisco Patches Unauthenticated RCE Flaw in Webex App

Apple released emergency security updates for 2 zero-day vulns

By infosecbulletin / Thursday , April 17 2025
On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Apple released emergency security updates for 2 zero-day vulns

Oracle Released Patched for 378 flaws for April 2025

By infosecbulletin / Wednesday , April 16 2025
On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
Oracle Released Patched for 378 flaws for April 2025

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

By infosecbulletin / Wednesday , April 16 2025
Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
CVE-2025-24054 Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Bengaluru firm got ransomware attack, Hacker demanded $70,000

By infosecbulletin / Wednesday , April 16 2025
Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

By infosecbulletin / Wednesday , April 16 2025
MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

BCSI members are carefully examining the compromised data to determine the complete extent and consequences of the incident. Their work is essential in identifying the weaknesses used by “frog” and preventing similar breaches from happening again.

The data breach at the Road and Road Training Department is a serious problem. It could put sensitive information like training records, personal details, and department communications at risk. This could lead to identity theft, fraud, and other cybercrimes.

Source: BCSI

The breach could have big impacts on Bangladesh’s road transport. Training programs and road security could be compromised, affecting the safety and efficiency of the transportation network.

BCSI said they are continuing the investigation. it’s crucial for everyone involved to stay alert and take active steps to improve their cybersecurity. The breach at RTHD’s Road and Road Training Department highlights the need to protect sensitive data and strengthen defenses against advanced cyber threats.

BCSI urges cybersecurity community and government agencies to collaborate in order to address the challenges posed by cybercriminals and safeguard Bangladesh’s critical infrastructure from future attacks.

Check Also

Ivanti

Hackers Exploit Ivanti VPN Vulns 12 Countries to Infiltrate Multiple Orgs

In late March, TeamT5 found that a China-linked APT group exploited a critical vulnerability in …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin