InfoSecBulletin Cybersecurity for mankind
An executive from National Australia Bank reveals that the four major banks in the country face continuous attacks, as threat actors launch numerous attacks every minute, around the clock. According to Chris Sheehan, National Australia Bank’s executive for group investigations, all banks are constantly being targeted by attacks. The purpose …
Read More »TimeLine Layout
July, 2024
-
1 July
CVE-2024-20399: Cisco NX-OS Vulnerability Under active Attack
There is a security flaw (CVE-2024-20399) in Cisco NX-OS Software that lets an attacker with local access execute commands as root on the affected device. The vulnerability is caused by not properly checking the arguments used in certain configuration CLI commands. An attacker can take advantage of this vulnerability by …
Read More » -
1 July
NCSA to do maximum work with limited manpower: DG Kamruzzaman
Despite the limited manpower and various limitations, efforts are being made to keep the country’s cyber space safe, said the Director General of the National Cyber Security Agency (NCSA), Abu Sayed Md. Kamruzzaman. He gave this information at a seminar titled “Use of Safe Internet and Prevention of Rumors and …
Read More »
June, 2024
-
30 June
Microsoft Issues CVE Numbers for Cloud Service Vulnerabilities
Microsoft will assign Common Vulnerabilities and Exposures (CVE) numbers to important vulnerabilities found and fixed in their cloud services. This improves transparency and security by publicly disclosing vulnerabilities that can be fixed without user intervention. Microsoft’s decision to assign CVE numbers to cloud service vulnerabilities, regardless of whether customer action …
Read More » -
30 June
Ransomware detail behind Indonesia’s data center breach
Indonesia’s temporary National Data Center (PDN) was attacked by ransomware last Thursday, leading to delays in airport immigration services and new student registration. The hackers are asking for an $8 million ransom, about Rp 131 billion, to give back the stolen data. The ransomware used in this incident is “Brain …
Read More » -
29 June
MerkSpy Exploits Microsoft Office Vulnerability: FortiGuard report
FortiGuard Labs found an attack that uses the CVE-2021-40444 vulnerability in Microsoft Office. This flaw lets attackers run harmful code through specific documents. The attack deployed a spyware called “MerkSpy” which secretly watches user activities, collects sensitive information, and stays on compromised systems. The attack starts with a harmless-looking Microsoft …
Read More » -
29 June
Google Blocking Entrust Certificates in Chrome in November 2024
Starting November 1, 2024, Google will block websites that use certificates from Entrust. Google made this decision because Entrust has not been able to handle security issues promptly and has not complied with their requirements. “Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors …
Read More » -
29 June
CISA Advisories for 7 Industrial Control Systems
CISA issued seven advisories about Industrial Control Systems (ICS) on June 27, 2024. These advisories aim to give prompt information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-179-01 TELSAT marKoni FM Transmitter ICSA-24-179-02 SDG Technologies PnPSCADA ICSA-24-179-03 Yokogawa FAST/TOOLS and CI Server ICSA-24-179-04 Johnson Controls Illustra Essentials Gen …
Read More » -
28 June
Threat actor exploit vulnerabilities in Oracle WebLogic Server
Researchers said, threat actor exploiting vulnerabilities in Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839 to deploy cryptocurrency miners via PowerShell scripts. Trend Micro researchers published a new analysis by Ahmed Mohamed Ibrahim, Shubham Singh, and Sunil Bharti. “The threat actor employs fileless execution techniques, using DLL reflective and process injection, …
Read More » -
28 June
TeamViewer’s internal corporate IT environment faced “irregularity “
In a statement On Wednesday, 26 June 2024, team viewer said, “our security team detected an irregularity in TeamViewer’s internal corporate IT environment. We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures. TeamViewer’s internal …
Read More »