InfoSecBulletin Cybersecurity for mankind
Uganda’s finance ministry confirmed media reports that hackers breached the central bank’s systems and stole money, but refuted the claims to steal the money as much as $17 million. Uganda’s Minister of State for Finance, Henry Musasizi, addressed media reports alleging that a Southeast Asian hacker group hacked the Bank …
Read More »TimeLine Layout
November, 2024
-
29 November
CVE-2024-11667
Hackers actively exploiting Zyxel firewall to deploy Ransomware
CERT Germany and Zyxel have alerted about a serious vulnerability in Zyxel firewalls, identified as CVE-2024-11667. This flaw is being exploited to spread Helldown ransomware, with reports of at least five affected organizations in Germany. CVE-2024-11667 is a directory traversal vulnerability in Zyxel’s ZLD firmware versions 5.00 to 5.38. Exploiting …
Read More » -
29 November
Daily Security Update Dated: 29.11.2024
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world. Spend a bit time to read out todays update: Hackers steal millions of dollars from Alabama …
Read More » -
28 November
CIRT-in flags Critical Flaw in Oracle Agile PLM Framework
CERT-In has flagged a security vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) software, identified as CVE-2024-21287 and cataloged as CIVN-2024-0350. This high-risk threat was detected on November 26, 2024. CVE-2024-21287 affects Oracle Agile PLM Framework version 9.3.6, which is commonly used by organizations for managing product lifecycles and enhancing …
Read More » -
28 November
Microsoft patches four vulnerabilities in its services
On November 26th, Microsoft patched four vulnerabilities detected in Dynamics 365 Sales, the Partner.Microsoft.Com portal, Microsoft Copilot Studio and Azure PolicyWatch. Microsoft Copilot Studio, a platform for developers to create AI agents and speed up coding with automation, had a critical vulnerability rated 9.3 out of 10 (CVE-2024-49038). Microsoft has …
Read More » -
28 November
Data broker exposes 600K+ passwordless sensitive files online
SL Data Services/Propertyrec, an information research provider exposes a non-password-protected database containing more than 600K records according to the security researcher Jeremiah Fowler. The dataset contains over 713 GB records including vehicle records, property ownership reports and court records. Jeremiah Fowler said, around 95% of the limited sample of documents …
Read More » -
27 November
Cloudflare logs faces major failure, losing 55% of user data
Cloudflare suffered an incident roughly 3.5 hours On November 14, 2024 impacting the majority of customers using Cloudflare Logs. Cloudflare lost about 55% of the logs normally send to customers were not sent and were lost on that incident. Log services are crucial for network operations, helping businesses analyze traffic, …
Read More » -
27 November
VMware Patched critical flaw in Aria Operations
VMware revealed several critical vulnerabilities in its Aria Operations product, with the most severe allowing attackers to gain root user privileges on affected systems. The advisory, VMSA-2024-0022, released on November 26, 2024, addresses five distinct vulnerabilities: CVE-2024-38831 is a local privilege escalation vulnerability with a CVSSv3 score of 7.8. CVE-2024-38832 …
Read More » -
27 November
HDFC Life hit by data breach, begins investigation
On Monday, Indian HDFC life insurance said, They got some instances of data leaks. “We have received communication from an unknown source, who has shared certain data fields of our customers with us, with mala fide intent,” HDFC Life said in a regulatory filing. The company has started to security …
Read More » -
26 November
Daily Security Update Dated (26.11.2024) around the world
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world. Spend a bit time to read out todays update: Volunteer hackers dive into America’s leaky water …
Read More »
