InfoSecBulletin Cybersecurity for mankind
Hacker allegedly exploiting two popular vulnerabilities to attack U.S. defense contractors, U.K. government entities and institutions in Asia, according to new report by Google owned security firm Mandiant. The report focused on UNC5174, a threat actor. According to Mandiant, UNC5174 used to be a member of Chinese hacktivist groups. However, …
Read More »TimeLine Layout
March, 2024
-
21 March
CISA, FBI, and MS-ISAC Release Joint Guidance on DDoS
CISA, FBI, and MS-ISAC updated a guide to help organizations defend against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques: Volumetric, attacks aiming to consume available bandwidth. Protocol, attacks which exploit vulnerabilities in network protocols. Application, attacks targeting vulnerabilities in specific applications or …
Read More » -
21 March
Exploit released for Fortinet RCE bug used in attacks, patch now it
Security researchers created a demonstration of a critical flaw in Fortinet’s FortiClient Enterprise Management Server (EMS) software. The security flaw CVE-2023-48788 is an SQL injection in the DB2 Administration Server (DAS) discovered and reported by the UK’s National Cyber Security Centre (NCSC). It impacts FortiClient EMS versions 7.0 (7.0.1-7.0.10) and …
Read More » -
20 March
87% of UK businesses are vulnerable to cyberattacks: Microsoft
Only 13% of organizations in the UK are resilient to cyber-attacks, while the majority are either vulnerable (48%) or at high risk (39%) of experiencing damaging cyber-incidents. This information comes from a new report by Microsoft in collaboration with the University of London. The tech giant said that the UK’s …
Read More » -
20 March
CISA, NSI, FBI released critical infrastructure defense tips against Volt Typhoon
CISA, NSA, FBI, and other US and international partners released a joint fact sheet called “People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders.” This publication includes contributions from various partners. U.S. Department of Energy (DOE) U.S. Environmental Protection Agency (EPA) U.S. Transportation Security Administration (TSA) U.S. …
Read More » -
19 March
Trend Micro report
Earth Krahang hackers breach 70 orgs in 23 countries
The APT group ‘Earth Krahang’ has hacked 70 organizations and attacked at least 116 in 45 countries. Trend Micro researchers have been monitoring a campaign targeting government organizations since early 2022. The group targeted 116 organizations in 35 countries and confirmed at least 70 compromises, including organizations linked to world …
Read More » -
19 March
IBM X-Force report
APT28 Hacker Group Targeting Asia in Widespread Phishing Scheme
As of March 2024, X-Force is tracking the APT28 group is carrying out phishing campaigns using fake government and non-governmental organization documents to target different regions around the world, including Central Asia, Europe, the South Caucasus, and North and South America. The discovered lures include a mix of public and …
Read More » -
18 March
‘Hell Paradise’ Claims
Government Websites in 49 Countries at Risk
According to FalconFeeds x post, a threat actor has listed 49 countries as part of an experiment. They also claim that over 1000 government sites are vulnerable. According to Cyber Express, the threat actor is promoting an onion website called ‘Hell Paradise’ which aims to obtain vulnerable government sites and …
Read More » -
17 March
EU Parliament Approves Artificial Intelligence Act
* Safeguards on general purpose artificial intelligence * Limits on the use of biometric identification systems by law enforcement * Bans on social scoring and AI used to manipulate or exploit user vulnerabilities * Right of consumers to launch complaints and receive meaningful explanations On Wednesday, Parliament approved the Artificial …
Read More » -
17 March
Brilliant Cloud: A public cloud service provider in Bangladesh
InterCloud Limited is a company in Bangladesh that is part of a group with businesses in garment manufacturing, aviation, and telecommunications. Tusuka is known for making denim products in Bangladesh. Novoair is a premium passenger airline in Bangladesh with seven ATR-72 aircraft. In 2008, Novotel Limited started in the telecommunications …
Read More »
