InfoSecBulletin Cybersecurity for mankind
New information about the Lockbit ransomware gang might be coming soon. The gang’s old dark web leak site was taken down by law enforcement in February, but it has now reappeared, hinting at the release of new information in a few days. Several parts of the site were updated on …
Read More »TimeLine Layout
May, 2024
-
6 May
GAO: NASA Faces ‘Inconsistent’ Cybersecurity Across Spacecraft
The GAO reviewed NASA’s cybersecurity practices and found that there is a need to update spacecraft acquisition policies and standards. They specifically focused on assessing the cybersecurity requirements in NASA contracts for spacecraft projects. The GAO report reviewed NASA’s spacecraft cybersecurity policies and standards. They looked at three different spacecraft …
Read More » -
5 May
Moshiul Islam accepted as member to Forbes Technology Council
Moshiul Islam Mishu, Founder & CEO of Enterprise Infosec Consultants (EIC), has been accepted into the Forbes Technology Council, the foremost growth and networking organization for successful Technology Professionals and Leaders worldwide. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs, and technology executives. He is a vetted …
Read More » -
4 May
Microsoft Outlook Flaw Exploited by APT28 to compromise Czech, German Entities
Friday (03.05.2024) the ministry of foreign affairs of the Czech republic issued a press release highlighting the cyberattack carried by Russian actor apt28 on Czechia. The press release reads, “Czechia jointly with Germany, the European Union, NATO and international partners strongly condemns activities of the Russian state-controlled actor APT28, who …
Read More » -
4 May
“Bangladesh cyber security intelligence” (BCSI), As far as known!
While surfing the internet for the regular activities, suddenly found a domain named (bcsi.gov.bd), “Bangladesh cyber security intelligence” (BCSI) in elaborating form. Curious mind wants to know the fact, so deep dive the domain and found a Facebook page also. According to the website, “Bangladesh cyber security intelligence” (BCSI) to …
Read More » -
2 May
Addressing the Critical Cybersecurity Landscape of 2024
The rapid pace of technological transformation presents both extraordinary opportunities and significant risks. Gartner’s authoritative insights into the cybersecurity trends of 2024 underscore the need for organizations to evolve their defensive strategies alongside their digital ambitions. Yesterday, viruses delivered via floppy disks were our primary concern; today, the attack surface …
Read More » -
2 May
CISA Releases Three Industrial Control Systems Advisories
CISA released three advisories about Industrial Control Systems (ICS) on April 30, 2024. These advisories give current security information, vulnerabilities, and exploits related to ICS. ICSA-24-121-01 Delta Electronics CNCSoft-G2 DOPSoft: Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio (Update A): Successful …
Read More » -
1 May
CISA
GitLab account takeover bug is actively exploited in attacks
The U.S. federal agency CISA has included CVE-2023-7028 in its Known Exploited Vulnerabilities Catalog. This means that the vulnerability is currently being targeted by attackers. CISA has instructed federal agencies to protect their systems by May 22, giving them a deadline of three weeks. The U.S. cybersecurity agency hasn’t shared …
Read More » -
1 May
Azure Logs utilizing to identify threats: Insights From Microsoft
Microsoft security experts recently conducted an exploration on how to effectively use Azure Logs to identify and counteract threat actions. Azure’s defense mechanism relies on effectively understanding and using logs to hunt for threats. Microsoft focuses on integrating best practices for log management, analysis, and incident response to stay proactive …
Read More »
April, 2024
-
30 April
NCSC
NEW UK LAW BANS DEFAULT PASSWORDS ON SMART DEVICES
The UK’s NCSC wants smart device manufacturers to follow new law banning default passwords. The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024. “From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.” …
Read More »
