InfoSecBulletin Cybersecurity for mankind
Trend Micro warned customers to quickly secure their systems due to a remote code execution vulnerability in its Apex One endpoint security platform that is currently being exploited. Apex One is an endpoint security platform designed to automatically detect and respond to threats, including malicious tools, malware, and vulnerabilities. The …
Read More »TimeLine Layout
August, 2025
-
6 August
Bangladeshi gov.t/law enforcement email accounts compromised
A coordinated phishing campaign has been uncovered targeting critical Bangladeshi infrastructure — particularly government organizations and law enforcement agencies. This attack leveraged compromised official email credentials to distribute fraudulent emails containing malicious attachments and deceptive login pages reported by BGD e-Gov CIRT. 📌 Key Attack Techniques: Email Spoofing Using Trusted …
Read More » -
6 August
Dell Laptop PCs 100+ models affected through “ReVault” attack
More than 100 Dell laptop models in the Latitude and Precision series are vulnerable due to five common security issues affecting their firmware and Microsoft Windows APIs, according to a Cisco Talos report. Talos researchers named the vulnerabilities ReVault. They allow an attacker to keep access to a victim’s device …
Read More » -
6 August
Cisco reveals data breach affecting Cisco.com user accounts
On July 24, 2025, Cisco learned of a vishing attack aimed at one of its representatives, allowing a bad actor to access basic profile information from a third-party CRM system. Upon learning of the incident, the actor’s access to that CRM system instance was immediately terminated and Cisco commenced an …
Read More » -
5 August
Firepass Offers Safer, Cheaper Alternative to Traditional Fire Systems
SmartData, has introduced advanced fire-extinguishing technology; Firepass, is gaining attention in Bangladesh as a fire prevention solution. This technology prevents fire from spreading in a specific area and can quickly extinguish any fire that starts. Now, this technology is cheaper than the traditional fire fighting system in Bangladesh but its …
Read More » -
5 August
Cloud intrusions surged 136% H1 of 2025
Cloud intrusions increased significantly in the first half of 2025, rising 136% compared to all of 2024, as reported by CrowdStrike’s 2025 Threat Hunting Report. Researchers noted that the data shows more attackers are learning to target cloud environments by exploiting misconfigurations, maintaining access, and moving laterally. The explosion in …
Read More » -
4 August
Fraud Alert
Fake Website Impersonates Bangladesh’s National Card Scheme TakaPay
Bangladesh Bank has issued a public warning regarding a fraudulent website operating under the guise of the country’s official National Card Scheme, TakaPay. According to the central bank, the fake website (https://takapaycard.com) is illegally collecting sensitive personal information, including names, phone numbers, email addresses, national IDs, and passport numbers. The …
Read More » -
4 August
HashiCorp patched A Vault Flaw Allowing Code Execution
HashiCorp has recently fixed a critical vulnerability—CVE-2025-6000—in its secrets management tool, Vault. With a CVSS score of 9.1, this flaw could let privileged Vault operators run arbitrary code on the host system if misconfigured. “A privileged Vault operator within the root namespace with write permission to sys/audit may obtain code …
Read More » -
3 August
SOCRadar Report
Emerging “SafePay” Ransomware Infected 260+ Victims Worldwide
A new ransomware threat in 2025, SafePay, has executed over 265 attacks across various continents. The group emerged in September 2024, initially targeting around 20 victims. Since early 2025, it has significantly intensified its operations and now poses a serious threat in global ransomware. SafePay’s victims are mostly in developed …
Read More » -
1 August
CISA unveils open-sources Thorium platform for malware, forensic analysis
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced today that Thorium, an open-source platform for malware and forensic analysis, is now publicly available for government, public, and private sectors. Thorium is a scalable cybersecurity tool created with Sandia National Laboratories that automates tasks in cyberattack investigations. It can handle …
Read More »