InfoSecBulletin Cybersecurity for mankind
Google Cloud will no longer charge users when they seek to transfer their data to a competitor, the firm has announced. This will apply to all customers globally from today. A blog post announcing the decision also took aim at hyperscaler rivals that have continued to charge such fees, arguing …
Read More »TimeLine Layout
January, 2024
-
12 January
CISA alert
CISA Releases Nine Industrial Control Systems Advisories
CISA issued nine advisories about Industrial Control Systems (ICS) on January 11, 2024, to give timely information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-011-03 Rapid Software LLC Rapid SCADA ICSA-24-011-04 Horner Automation Cscape ICSA-24-011-05 Schneider Electric Easergy Studio ICSA-24-011-06 Siemens Teamcenter Visualization and JT2Go ICSA-24-011-07 Siemens Spectrum …
Read More » -
11 January
Boost Bank and AEON Bank
Two new digital banks start operations in Malaysia
The central bank of Malaysia, Bank Negara, has approved two more digital banks to begin operations. The two banks are Boost Bank, a collaboration between fintech company Boost and RHB Banking Group, and AEON Bank, a subsidiary of AEON Financial Service. In 2022, Bank Negara granted digital banking licenses to …
Read More » -
11 January
CVE-2024-20272
CISCO FIXED CRITICAL UNITY CONNECTION VULNERABILITY
Cisco released updates to fix a security flaw in Unity Connection that could allow an attacker to run commands on the system. The vulnerability CVE-2024-20272 (CVSS score: 7.3) is an arbitrary file upload bug in the web-based management interface. It happens due to a lack of authentication in a specific …
Read More » -
11 January
Talk time decreased 841 crore minutes, SMS by 708 crore
Telecom sector operators in business challenges
The technology change has brought challenges to all sectors. Many sectors are struggling to adapt and some are facing a crisis. Telecom operators are also affected as people are using talktime and SMS less. The usage has decreased significantly in the past year. People nowadays prefer using data-based communication applications …
Read More » -
11 January
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. CVE-2023-29357 Detail: Description: Microsoft SharePoint …
Read More » -
10 January
Microsoft to train 100,000 AI developers in India
Microsoft has launched AI Odyssey, a new initiative to train 100,000 developers in India in AI. The program aims to provide a month-long learning experience for developers to gain and demonstrate AI skills for important projects aligned with business goals. Microsoft’s AI Odyssey program aims to provide developers with opportunities …
Read More » -
10 January
Market.us report
Cyber Insurance Market to be Worth Over $49.5bn by 2030
The global cyber insurance market is expected to reach $90.6 billion by 2033, with a growth rate of 22.3% annually from 2023, as analyzed by Market.Us. The industry is expected to reach $14.8 billion by the end of 2024, up from a projected $12.1 billion in 2023. The report pointed …
Read More » -
10 January
CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe , D-Link, Joomla Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified six security vulnerabilities that are being actively exploited. These vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-27524 is a high-severity vulnerability in Apache Superset. It has a CVSS score of 8.9 and could allow remote code …
Read More » -
10 January
Microsoft patched for 48 CVEs on Tuesday January 2024
Microsoft disclosed 48 vulnerabilities in its products and services in 2024. 46 of them are considered “important” severity. A critical security vulnerability, known as CVE-2024-20674, was fixed on Tuesday. This vulnerability affects the Windows Kerberos authentication protocol. By carrying out a man-in-the-middle attack, an attacker could exploit this vulnerability to …
Read More »
