InfoSecBulletin Cybersecurity for mankind
Bangladeshi-born Bengali American data scientist, Dr. Rumman Chowdhury, has earned a well-deserved spot on the esteemed TIME 100 AI list. This incredible accolade acknowledges her remarkable impact in the world of Artificial Intelligence (AI). Dr. Chowdhury is a prominent figure in the field of applied algorithmic ethics. By combining data …
Read More »TimeLine Layout
September, 2023
-
8 September
Daily Cybersecurity Update, September 07, 2023
Tenable entered a definitive agreement to acquire cloud security startup Ermetic for $240 million in cash and $25 million in restricted stock and restricted stock units. Malwarebytes Labs spotted a malvertising campaign targeting both Windows and Mac users with a new Atomic Stealer variant. It uses phishing sites and Google …
Read More » -
7 September
MITRE and CISA Release Tool to Help Organizations Mitigate OT Attacks
The MITRE Corporation and the US Cybersecurity and Infrastructure Security Agency (CISA) released Caldera for OT, a new extension to the open source Caldera platform that emulates adversarial attacks against operational technology (OT). Caldera for OT is the result of a collaboration between MITRE, CISA, and the Homeland Security Systems …
Read More » -
7 September
Hacker group again threat attack Bangladesh 19 September: CIRT Alert
The Indian Cyber Force (ICF) hackers group again threat they are going to attack Bangladesh coming 19 September for the 2nd time. Prior to that, they attack Bangladeshi infrastructure on 15 August and according the calculation provided by the BGD e-Gov CIRT on that day more than 10 websites were …
Read More » -
3 September
Chrome extensions can steal plaintext passwords from websites
A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can steal plaintext passwords from a website’s source code. An examination of the text input fields in web browsers revealed that the coarse-grained permission model underpinning Chrome extensions violates the principles …
Read More » -
1 September
VMware Tools contains a SAML Token Signature Bypass Vulnerability
A SAML token signature bypass vulnerability in VMware Tools was responsibly reported to VMware with a maximum CVSSv3 base score of 7.5. Updates are available to remediate this vulnerability in the affected VMware products. Click here to read full report.
Read More »
August, 2023
-
30 August
Credentials of NASA, Tesla, Verizon, and 2K others leaked by workplace safety organization
The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations. The National Safety Council (NSC) is a non-profit organization in the United States providing workplace and driving safety training. On its digital platform, NSC provides online resources …
Read More » -
30 August
Lockbit 3.0 Builder Leaked: Anyone Can Blend Ransomware
It has come to the attention of researchers that the LockBit 3.0 builder has suffered from a leak, which now allows anyone to create various versions of the LockBit ransomware according to their own preferences. This poses a serious security risk that should not be taken lightly. LockBit” is a …
Read More » -
28 August
Final approval of the Cyber Security Act in the Cabinet in Bangladesh
The Cabinet has given final approval to the Cyber Security Act. Law Minister Anisul Haque said that the approval was given on Monday (August 28). He said that the final approval of the Cyber Security Act has been given by making special changes in some sections besides further reducing the …
Read More » -
27 August
Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknesses
ImmuniWeb has released Neuron Mobile, a security testing solution for mobile applications. It scans iOS and Android apps for OWASP Mobile Top 10 vulnerabilities and weaknesses. According to ImmuniWeb, Neuron Mobile is a fully automated solution that includes dynamic and static application security testing (DAST/SAST), along with software composition analysis …
Read More »
