InfoSecBulletin Cybersecurity for mankind
Sophos had to update old firewall firmware versions due to a security vulnerability (CVE-2022-3236) after attacked by hackers. There is a code injection flaw in the User Portal and Webadmin of Sophos Firewall. This flaw allows for remote code execution. ALSO READ: Bypassing major EDRS using “POOL PARTY”, Hackers revealed …
Read More »TimeLine Layout
December, 2023
-
13 December
process injection techniques
Bypassing major EDRS using “POOL PARTY”, Hackers revealed
Researchers at cybersecurity firm SafeBreach created a new method called Pool Party. This method allows attackers to bypass EDR solutions. The researchers presented Pool Party at Black Hat Europe 2023. The experts discovered an new way to inject processes by using Windows thread pools. Researchers found eight new process injection …
Read More » -
12 December
APACHE FIXED CRITICAL RCE FLAW CVE-2023-50164 at STRUTS 2
The Apache Software Foundation fixed a critical file upload vulnerability in the Struts 2 open-source framework. This flaw, tracked as CVE-2023-50164, could allow remote code execution. An attacker can manipulate file upload parameters to upload a malicious file and execute code on the server. “An attacker can manipulate file upload …
Read More » -
11 December
internet operational technology
17th bdNOG conference start tomorrow for three days
17th bdNOG Conference and Workshop is going to be held in Dhaka on December 12-15 jointly organized by Bangladesh Network Operators Group (BDING) and Internet Service Providers Association of Bangladesh (ISPAB). Three days technical workshop and one day hosting day will be in the conference. The workshop will train Internet …
Read More » -
10 December
Canada Ransomware Whitepaper-2023
Mid-sized Canadian firms pay an average $1.13 million to ransomware gangs
A recent survey found that mid-sized Canadian companies paid an average of just over $1 million in ransomware payments this year. On Thursday, the results of a survey conducted by Palo Alto Networks were released. The survey involved IT professionals from 1,000 organizations with employee numbers ranging from 100 to …
Read More » -
10 December
Government plans digital health cards for all citizens
The government plans to implement digital health cards for all citizens. This will eliminate the need to keep physical prescription and test files, as all the information will be stored in a digital database. DGHS is implementing a digital database to manage patient information more efficiently. Each patient will receive …
Read More » -
9 December
Daily Cybersecurity update, December 09, 2023
In the digital age, attacks have been generated in every seconds in every corner of the work. Here are the 5 notable happenings in the world in cyber industry: FortiGuard Labs found a new email phishing campaign. It tricks victims by using fake hotel booking details to make them click …
Read More » -
8 December
Singapore’s AI strategy 2.0 to include localized LLM
Singapore launched its first AI strategy in 2019, aiming to deepen the use of AI in transforming the economy. Singapore’s early investment in AI led to the creation of approximately 150 research teams and 900 startups focusing on AI development. Consequently, Singapore has experienced notable advancements in AI, leading to …
Read More » -
8 December
set deadline disclosing data
LockBit claim to hit Citizens Bank of West Virginia
LockBit ransomware group claim to have cyber attack the Citizens Bank of West Virginia. The group post on tweeter that “Just another greedy company that puts their own money above client’s privacy”. The hackers set a deadline for their demands till December 9, 2023, otherwise it will be published. But …
Read More » -
7 December
US senator's letter
Governments spying on Apple, Google users through push notifications
Some governments have asked Apple and Google for the push notification records of their users in order to track down certain individuals. This information comes from U.S. Senator Ron Wyden. “Push notifications are alerts sent by phone apps to users’ smartphones,” Wyden said. Senator Ron Wyden wrote a letter to …
Read More »
