Friday , May 9 2025

InfoSecBulletin Cybersecurity for mankind

Timeline2

2025

2024

31 DecemberFinancial Threat Assessment 2024
BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack
31 DecemberMisconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster
31 DecemberUS Treasury says it was hacked by China via third party: Beijing denies
30 DecemberPoC Exploited Released for Oracle Weblogic Server Vul
30 DecemberMicrosoft warn dev urgently to update .NET installer link
30 DecemberLook back; The Worst Hacks of 2024
29 DecemberHIPAA to be updated with new cybersecurity regulations, White House
29 DecemberNew NGate Trojan Drains Bank Accounts via ATMs
28 DecemberCPE Seminar Held at ISACA Dhaka Chapter Office Premises
27 DecemberUpdate Immediately
Palo Alto Releases Patch for PAN-OS DoS Flaw
27 DecemberCyberattack Hit Japan Airlines Systems, delaying flights
26 DecemberHacker reportedly leak Indonesia Gov.t 82 GB data
25 DecemberBCSI officially announce National Vulnerability Disclosure Program (NVDP)
25 DecemberCVE-2024-9474
Researcher unveil sophisticated backdoor in Palo Alto Networks firewalls
24 DecemberNew G-Door Vul Allow Hackers Bypass Microsoft 365 Security With Google Docs
24 DecemberCVE-2024-53961
Adobe alerts of critical ColdFusion bug with PoC exploit available
23 DecemberSplunk targets Bangladeshi market: Investing in local talent
22 DecemberCritical PHP Zero-Day Vulnerability found in Craft CMS To Gain RCE
22 DecemberFor US$2.6bn, Mastercard acquires threat intelligence firm Recorded Future
21 DecemberEight New ICS Advisories released by CISA
20 DecemberAuthority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
20 DecemberLondon-based company “Builder.ai” reportedly exposed 1.2 TB data
20 December(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
19 December“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
19 DecemberCVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
18 DecemberU.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
18 DecemberDaily Security Update Dated: 18.12.2024
18 DecemberCISA released best practices to secure Microsoft 365 Cloud environments
18 DecemberData breach! Ireland fines Meta $264 million, Australia $50m
18 DecemberOver 25K SonicWall VPN Firewalls exposed to critical flaws
17 DecemberAI-made nude images incident, one school, 50 female victim
16 DecemberOver 4 lac files ‘leaked’: Telecom Namibia hit by major cyberattack
16 DecemberHSBC sued by ASIC: customers allegedly scammed of $23 million
15 DecemberSophos Thwarts Global Firewall Attack promptly, Protects Thousands from Data Theft
14 DecemberAndroid malware attack Indian banks: Infected 419 devices
14 DecemberIndian-American OpenAI whistleblower Suchir Balaji found dead in San Francisco
14 DecemberCanadian company exposed unprotected almost 5 million records
13 DecemberDaily Security Update Dated: 13.12.2024
13 DecemberGitLab flaw allow Bitcoin ATM giant “Byte Federal” hacked
12 DecemberCVE-2024-11274
GitLab Patch Release for CE and EE
12 DecemberResearcher claim to bypass Microsoft Azure MFA flaw within hour
12 DecemberMeta fails to detect
9 Deepfake videos identified of Dr. Md. Yunus and Shakib Khan
12 DecemberFacebook, Instagram, and Threads are reportedly down
11 DecemberU.S. Charges Chinese man linked to global Firewall hack
11 DecemberHackers Exploit AWS Misconfigurations: allegedly 2TB data lost
11 DecemberMicrosoft December 2024 Patch Tuesday – 71 Vulnerabilities Fixed, 1 Zero-day
10 DecemberCISA listed Over 270 Critical Vulnerabilities: What’s New!
10 DecemberCyberattacks targeting Indian Government rose by 138%
10 DecemberGoogle unveils ‘mindboggling’ quantum computing chip
8 DecemberGoogle’s released “Vanir” Open Sources Security Patch Validation Tool
7 DecemberHacker Claim 1tb, Deloitte denies, What Inside!
7 DecemberNew Windows zero-day: Exposes credentials, Gets unofficial patch
7 DecemberDaily Security Update Dated: 07.12.2024
6 DecemberPatch urgently: Hundred of CISCO switches impacted
6 DecemberMultiple ICS Advisories Released by CISA
5 DecemberNew DroidBot malware to attack 77 banks and CES globally
5 DecemberDeloitte faces alleged cyber incident, claimed over 1tb stolen
5 DecemberSingapore embraces AI data centres with smarter cooling systems
5 DecemberDaily Security Update Dated: 04.12.2024
5 DecemberJP CERT warns I-O DATA zero-day router flaws:Update Needed!
4 DecemberTelecoms on High Alert: CISA, NSA, FBI Publish joint guideline
4 DecemberCISA Flags 3 Actively Exploited Vulnerabilities in KEV
3 DecemberCisco Confirms Active Exploitation Of Decade-Old WebVPN Vulnerability
3 DecemberTP-Link Archer Security Flaw Exposes Devices to Malicious Command Injection
2 DecemberIBM address multiple flaw in security verify access appliance
2 December“Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks
1 DecemberWorkshop on “DDoS use cases & solutions for government & BFSI” held at BCS
30 NovemberUganda confirms hack of central bank accounts, Refutes $17 Million Claim
29 NovemberCVE-2024-11667
Hackers actively exploiting Zyxel firewall to deploy Ransomware
29 NovemberDaily Security Update Dated: 29.11.2024
28 NovemberCIRT-in flags Critical Flaw in Oracle Agile PLM Framework
28 NovemberMicrosoft patches four vulnerabilities in its services
28 NovemberData broker exposes 600K+ passwordless sensitive files online
27 NovemberCloudflare logs faces major failure, losing 55% of user data
27 NovemberVMware Patched critical flaw in Aria Operations
27 NovemberHDFC Life hit by data breach, begins investigation
26 NovemberDaily Security Update Dated (26.11.2024) around the world
26 NovemberRomCom Exploits Firefox and Windows Zero-Day
24 NovemberMITRE discloses 2024 CWE Top 25 critical software flaw
24 NovemberPython NodeStealer: harvest credit card and Facebook Ads Manager
23 NovemberCisco Talos
Over 60% of Emails with QR Codes are spam
23 NovemberCERT-In Flags Multiple Critical Vulnerabilities in Zoom app
23 NovemberDaily Security Digest Dated 11/23/24
22 NovemberSafetyDetectives’ Research
Malware evades Microsoft Defender and 2FA, stealing $24K in crypto (video)
22 NovemberOver 145,000 ICS Across 175 Countries Found Exposed Online
22 NovemberWorld to see AI powered “human washing machines”
22 NovemberHacker compromised over 2000 Palo Alto Networks Firewalls
21 November“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
20 NovemberCVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
20 NovemberApple Releases Patch for two Actively Exploited Zero-Day
19 NovemberMaxar Space Data Leak, Company admit, Investigation ongoing!
19 NovemberGitHub CLI Vulnerability Could Allow RCE
19 November“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
18 NovemberBugHunt 2024: A Milestone Cyber security Competition held at Dhaka
16 NovemberTP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
16 NovemberWSJ reports
T-Mobile hacked in massive breach of telecom networks
15 NovemberPalo Alto Networks Confirms critical RCE zero-day actively exploited
15 NovemberCISA, FBI Warns
Hacker compromised multiple teleco network at US
15 November(CVE-2024-52301)
Laravel Flaw Unveils Millions of Web Applications to Attack
14 NovemberBitdefender releases free decryptor for ShrinkLocker ransomware

2023

31 DecemberLand ministry to present
2nd generation naming system “Smart Mutation” coming soon
30 December“Leaksmas” Event
Dark Web Expose Massive Volumes Of Leaked PII And Compromised Data
30 DecemberEmbarking cybersecurity journey
CTF at Khulna Division, registration open
29 DecemberMicrosoft Disables MSIX App installer protocol abused in attacks
29 DecemberBig Defence Boost For India
India’s ISRO to launch AI enabled 50 Spy Satellites
28 DecemberSonicWall Discover
Critical Zero-Day in Apache OfBiz ERP System
28 DecemberCISA Finalizes Microsoft 365 Secure Configuration Baselines
27 DecemberDaily Cybersecurity update, December 27, 2023
27 DecemberWarning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
27 DecemberBarracuda fixes new ESG zero-day exploited by hackers
27 DecemberCisco to Acquire Networking and Security Startup Isovalent
26 DecemberTackling cloud security challenges head-on
26 DecemberRegistration open for KnightCTF 2024
26 DecemberCorvus Insurance report
Record-Breaking Ransomware Month: November Up 110%
26 DecemberCyber security seminar held at Coxbazar
25 DecemberFactors to shape unified data storage in 2024
25 DecemberBrac Bank suspense Int’l cash withdraw
25 DecemberWeb injections back
40+ banks affected by new malware campaign
25 DecemberChrome adds background scans for compromised passwords
22 DecemberMicrosoft warn
New ‘FalseFont’ Backdoor Target Defense Sector
22 DecemberCreating ransomware cartel
LockBit, BlackCat Unite; Chat; raising security concerns
21 DecemberACC file cased
3 crore embezzled from 46 accounts of Midland Bank
21 DecemberBB dissolves National Bank board
21 December“life2vec” by DTU
AI death calculator predicts your death time, 70% accuracy rate
20 DecemberReversingLabs report
Hackers Abusing GitHub Platform Hosting Malware
19 DecemberMost cloud transformations are stuck in the middle
19 DecemberFBI Offers Decryption Tool
FBI Seized ALPHV/Blackcat Ransomware Dark web Site
18 DecemberIran’s state TV said
Suspected cyberattack paralyzes 70% gas stations across Iran
16 DecemberNew survey by IDC
Malaysia face doubling of ransomware incidents in 2023
15 DecemberDraft emergency plan
China to enforce 10 min response time for data breaches
15 December5 Islamic banks risk of being frozen out of certain transactions
15 DecemberCERT-In
Warning! Govt alerts Samsung users; here’s why
15 DecemberMITRE Reveals EMB3D
MITRE reveals Critical Infrastructure Threat Model Framework
14 December“Onpassive”, Bangladesh bank alert fraudulent activities
14 DecemberQuishing: New Phishing Attacks Tactics Rising
13 DecemberMICROSOFT PATCH TUESDAY FIXED 4 CRITICAL FLAWS
13 DecemberSophos updated RCE fix after attacks on unsupported firewalls
13 Decemberprocess injection techniques
Bypassing major EDRS using “POOL PARTY”, Hackers revealed
12 DecemberAPACHE FIXED CRITICAL RCE FLAW CVE-2023-50164 at STRUTS 2
11 Decemberinternet operational technology
17th bdNOG conference start tomorrow for three days
10 DecemberCanada Ransomware Whitepaper-2023
Mid-sized Canadian firms pay an average $1.13 million to ransomware gangs
10 DecemberGovernment plans digital health cards for all citizens
9 DecemberDaily Cybersecurity update, December 09, 2023
8 DecemberSingapore’s AI strategy 2.0 to include localized LLM
8 Decemberset deadline disclosing data
LockBit claim to hit Citizens Bank of West Virginia
7 DecemberUS senator's letter
Governments spying on Apple, Google users through push notifications
7 DecemberNCSA hold seminar
NCSA highlighted requirements of newly approved Cyber Security Act.2023
7 Decemberinterpol biometric hub
INTERPOL biometric tool to capture most wanted criminals
6 DecemberICANN Launches RDRS
RDRS To assist agencies discovering non-public registration data
6 DecemberCyber attack on Sparrso; Hacker’s claim, Sparrso’s denial
5 Decembervulncheck report
15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack
5 DecemberBlog post update
Microsoft warns of exploiting critical outlook vulnerability
4 DecemberCID formed a 8-member CIRT team
3 DecemberShadowServer Foundation
About 20,000 Microsoft Exchange Servers at Risk of Cyberattacks
2 DecemberZyxel releases patches to Fix 15 Flaws NAS, Firewall, and AP Devices
2 DecemberDaily Cybersecurity update, December 01, 2023
1 DecemberSecureworks reports
Booking.com hackers intensify attacks on customers
30 NovemberExclude 21 institutions
Bangladesh Bank released list of valid 31 audit firms
30 NovemberDaily Cybersecurity update, November 29, 2023
29 NovemberOver 200 Malicious Android Apps Targeting Banks
29 NovemberChrome Zero-Day Vulnerability Exploited In The Wild
28 NovemberBanglaMegh hiring “Cloud presales engineer”
28 NovemberAlarming increases deepfake video
India to have regulations tackle deepfakes: IT Minister Vaishnaw
27 NovemberGoogle's support forum
Google Drive storage data disappeared, users claim
27 November"Personal Data protection Act-2023" passed
No one can take data without the consent of the individual
27 November"Personal Data Protection Act 2023"
Coming “Personal Data Protection Act 2023”
26 NovemberTrain speed 1000 km per hour
Only 2 hours to travel from Mumbai to Dubai
26 NovemberownCloud alert 3 Critical Vulnerabilities Users to Data Breaches
24 NovemberCustomer suffer since evening
IIG dues 380 crore, 500 Gbps bandwidth down, slow internet countrywide
24 NovemberIIG payment due issues
Internet slow since evening, bandwidth ‘down’ due to IIG dues
24 NovemberCISCO report
Globally, 9 in 10 organizations embraced zero-trust security
23 NovemberHTTP/2 Rapid Reset Attack
Cisco Patched Products Vulnerable to HTTP/2 Rapid Reset Attack
23 NovemberCIRT alert on CVEs
BD CIRT published CVE of f5, Apache, Juniper, Citrix and Atlassian
23 NovemberBlack wing intelligence (video)
Windows hello fingerprint auth bypassed on Microsoft, Dell, Lenovo laptops
22 NovemberMicrosoft launches new bounty program with $20,000 rewards
22 NovemberDataHub Asia
By 2025, Domestic cloud market expected $46.3 million; MD “DataHub Asia”
21 NovemberSecurelist report
Modern Asian APT groups’ tactics, techniques and procedures
21 NovemberTreasury Board of Canada Secretariat statment
Canadian government discloses data breach
21 NovemberDaily Cybersecurity update, November 20, 2023
20 NovemberSocial media politics uncovered
Exploring engagement of political parties on Facebook in Bangladesh
20 NovemberCisco launched AI Readiness Index, Check it now!
20 NovemberCSA Launches First Zero Trust Certification
19 NovemberChange it now
your password can be cracked in seconds, if?
18 NovemberChat GPT president resing
OpenAI president Greg Brockman resigns after CEO Sam Altman
18 NovemberWhy ChatGPT CEO fired from his job?
17 NovemberCERT-In flags Google Chrome vulnerabilities
16 NovemberFocusing data security
Meghna Cloud host “Smart Bangladesh cyber security event” today
15 NovemberMicrosoft pacthes November
Microsoft November 2023 Patch fixes 5 zero-days, 58 flaws
14 NovemberSektorCERT reported
Record 22 Critical Infra hit by Sandworm: An alert for CII globally
14 NovemberKaspersky reveals report
Indian marketers targeted by Delphi-powered malware linked with Vietnam
14 NovemberCISA Sets a Deadline November 17
Juniper Patches Over 30 Vulnerabilities in Junos OS
13 NovemberData published
Boeing breach: LockBit leaks 43 GB of data
13 NovemberGlobal Telco Market expected reach a CAGR of 10.5%
Global Cyber Attack in Telecom Sector Market Synopsis
13 November"Anonymous Collective" claim respnsibility
Cairo International Airport Thwarts Hacking Attempt
12 NovemberSeminar on cyber security held at RUET
11 November“BCS certified ethical hacker” workshop in November – 2023
11 NovemberIBM launched Cloud-Native SIEM improving security
11 NovemberCyber Resilience: Elevating Bangladesh’s Corporate Culture Safeguard
11 NovemberWindows Server 2012/R2: Extended Security Updates
10 NovemberICBC, the world’s biggest bank, hit by ransomware