InfoSecBulletin Cybersecurity for mankind
Kaspersky has launched a new virus removal tool called KVRT for Linux, which allows users to scan and remove malware and known threats for free. Linux systems are often thought to be secure, but a security firm has shown that this is not always the case. They have discovered several …
Read More »TimeLine Layout
June, 2024
May, 2024
-
31 May
Cyber Attack Took Down 600,000+ Routers in the U.S.
Over 600,000 small office/home office (SOHO) routers were disabled in a cyber attack, cutting off users’ internet access. Security analysts at Lumen Technologies’ Black Lotus Labs discovered and reported on an attack in a recent blog post. There was a mysterious event in the U.S. that happened from October 25 …
Read More » -
31 May
Navigating the Cyber Threat Landscape – Digital bank, Bangladesh perspective
Digital banking has played a pivotal role in expanding financial access for millions in Bangladesh, showcasing technology’s capacity to uplift lives and create opportunities. The nation’s high mobile penetration rate and the widespread adoption of Mobile Financial Services (MFS) like bKash and Nagad have empowered millions, especially in rural areas, …
Read More » -
31 May
ALERT
NGINX Releases Security Updates: HTTP/3 Vulnerabilities Patched
NGINX team released important updates for their web server software and is advising users to upgrade as soon as possible. The updates fix four important vulnerabilities in the HTTP/3 implementation, especially affecting configurations using the “ngx_http_v3_module.” CVE-2024-32760: A vulnerability in NGINX Plus or NGINX OSS causes HTTP/3 QUIC module to …
Read More » -
31 May
CISA Releases Seven Industrial Control Systems Advisories
On May 30, 2024, CISA published seven advisories about Industrial Control Systems (ICS). These advisories share important information regarding security issues, vulnerabilities, and exploits related to ICS. ICSA-24-151-01 LenelS2 NetBox ICSA-24-151-02 Fuji Electric Monitouch V-SFT ICSA-24-151-03 Inosoft VisiWin ICSA-24-151-04 Westermo EDW-100 ICSA-22-356-03 Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC …
Read More » -
31 May
CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
CISA added a security flaw in the Linux kernel to the KEV catalog. This flaw is being actively exploited. The CVE-2024-1086 (CVSS score: 7.8) is a high-severity issue. It is related to a use-after-free bug in the netfilter component. This bug allows a local attacker to gain root privileges from …
Read More » -
30 May
Business Leaders & Celebrities’ Accounts Exposed
Jeremiah Fowler, a cybersecurity researcher, found and informed WebsitePlanet about a database without password protection. It held around 121,000 user accounts of entrepreneurs and business leaders from Clarity.fm, a platform for connecting entrepreneurs with experts. The database had 155,531 records, including 121,000 member profiles with personal and professional email addresses, …
Read More » -
30 May
Hacker Claim to compromise over 15 Asian telecom
A large dataset belonging to BSNL, an Indian state-owned telecommunications company, has been put up for sale by cybercriminals on an underground forum. On May 27, 2024, it was discovered that “kiberphant0m” was selling unauthorized access to databases stolen from BSNL, as well as data from other Asian telecom companies …
Read More » -
29 May
Check Point released emergency fix for VPN vulnerability
Check Point has released hotfixes for a VPN vulnerability used in attacks to gain remote access to firewalls and try to breach corporate networks. On Monday, the company warned about an increase in attacks on VPN devices and provided recommendations on how admins can protect their devices. The CVE-2024-24919 vulnerability …
Read More » -
29 May
First American December data breach impacts 44,000 people
In December 2023, The First American Financial Corporation, a major title insurance company in the US, experienced a cyberattack. This resulted in the personal information of approximately 44,000 individuals being exposed. The company disclosed this data breach to the US Securities and Exchange Commission (SEC) on May 28, 2024. This …
Read More »
