InfoSecBulletin Cybersecurity for mankind
The NSA released an information sheet called “Advancing Zero Trust Maturity Throughout the Application and Workload Pillar.” This sheet will help organizations protect their applications from unauthorized users and maintain constant visibility of their workload. This CSI gives recommendations for achieving different levels of application and workload capabilities under the …
Read More »TimeLine Layout
May, 2024
-
25 May
Data protection is sovereignty: Mohammad A. Arafat
INFOCOM Dhaka ends promoting cyber resiliency
The two day long 7th edition of INFOCOM, India’s biggest business, technology, and leadership event, themed “Sustainable Disruption”, concluded today in Dhaka. The event gathered over 50 speakers from government, business, IT, media, academia, and other leaders from Bangladesh and India. “INFOCOM Dhaka’s main objective is to drive collaborative growth …
Read More » -
25 May
Phoenix Summit 2024
Two days phoenix summit ended successfully at Dhaka
TheTeamPhoenix, a non-profit organization, successfully hosted Phoenix Summit 2024, the largest cyber security event in Bangladesh, from May 23-24. This summit aimed to inspire and empower both novices and seasoned enthusiasts, professionals in the field of cyber security and technology. Phoenix Summit 2024 was more than just a conference; it …
Read More » -
23 May
CISA Added Apache Flink CVE-2020-17519 Vulnerability to KEV
CISA warns Apache Flink users about a critical vulnerability. Cybercriminals are exploiting this flaw to compromise systems. Apache Flink is a widely used open-source platform for processing large datasets in real-time analytics, machine learning, and data-intensive applications. Its capability to handle both bounded and unbounded data streams makes it a …
Read More » -
23 May
Cisco released software updates for CVE 2024-20360
Cisco, a global network solutions leader, has reported a security issue with its Firepower Management Center (FMC) software. This vulnerability, known as CVE-2024-20360, has a CVSS score of 8.8, indicating a high severity level and a risk of widespread exploitation. The vulnerability comes from not checking the input correctly in …
Read More » -
23 May
Ivanti Patches Critical RCE Flaws in Endpoint Manager
Ivanti on Tuesday declare to patch for several products, including fixes for critical vulnerabilities in Endpoint Manager (EPM). Ivanti resolved six out of the ten security defects resolved in EPM are critical-severity SQL Injection bugs. Tracked as CVE-2024-29822 through CVE-2024-29827, the bugs impact the Core server of Ivanti EPM 2022 …
Read More » -
22 May
German police warn of cyberattacks via Office 365
Companies in Germany are facing a new wave of cyberattacks. The State Criminal Police Office of North Rhine-Westphalia has issued a warning. Cybercriminals are targeting Microsoft 365, particularly email and document management, as a way to launch their attacks. “Unknown perpetrators take over email accounts and then send messages on …
Read More » -
22 May
Hacktivists group target Philippines government ransomware attack
SentinelOne researchers found that the Ikaruz Red Team is targeting the Philippines government using different ransomware builders like LockBit, Vice Society, Clop, and AlphV to carry out “small-scale” attacks. They are also sharing data leaks from various organizations in the Philippines. Ikaruz Red Team (IRT) has been targeting entities in …
Read More » -
22 May
CISA ALERT
CISA Warns Exploiting NextGen Healthcare Mirth Connect Flaw
The US cybersecurity agency, CISA, added a flaw in NextGen Healthcare’s Mirth Connect product to its catalog of Known Exploited Vulnerabilities (KEV). A vulnerability in the open source product, known as CVE-2023-43208, allows remote code execution without authentication due to a data deserialization problem. A patch was rolled out with …
Read More » -
21 May
BangabandhuGrandmaster.com Faces Massive Data Breach
Bangabandhugrandmaster.com, a website dedicated to Bangabandhu Sheikh Mujibur Rahman’s ideas and life, has suffered a major data breach. The breach happened on May 20, 2024, when a significant amount of user data was exposed. The Bangabandhugrandmaster.com data breach revealed an SQL file with detailed information about 94,000 users. The exposed …
Read More »
