ব্যাংকিং ও অন্যান্য আর্থিক প্রতিষ্ঠানগুলোর সাইবার নিরাপত্তা ব্যাবস্থা আরো সুশংহত করার লক্ষ্যে কাজ করে যাচ্ছে বাংলাদেশ কম্পিউটার ইনসিডেন্ট রেসপন্স টিম- সংক্ষেপে বিজিডি ই-গভঃ সার্ট। নিজেদেরকে দক্ষতা বৃদ্ধির উদ্দেশ্যে শনিবার বিজিডি ই-গভ সার্ট এর সম্মেলন কক্ষে “কোর ব্যাংকিং সল্যুশন অডিট টেকনিক্স” শীর্ষক প্রশিক্ষণ কর্মশালার আয়োজন করা হয়। উক্ত কর্মশালায় বিজিডি ই-গভ সার্ট, ন্যাশনাল ডাটা সেন্টার এবং বাংলাদেশ ন্যাশনাল ডিজিটাল আর্কিটেকচার টিমের সদস্যগণ অংশগ্রহন করেন। কর্মশালায় সোনালী...
Read More
সকল বিশ্ববিদ্যালয়ের শিক্ষার্থীদের অংশগ্রহণের মাধ্যমে তাদের দক্ষতা বৃদ্ধি ও সাইবার নিরাপত্তার ধারণা দেওয়ার জন্য আগামী ২৩-২৪ আগস্ট ২০২১ তারিখে দুইদিন ব্যাপী একটি সাইবার ড্রিল আয়োজনের উদ্যোগ গ্রহণ করা হয়েছে। Registration is Closed.
Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and tracked by Microsoft since January 2021, evolved over a series of waves demonstrating significant experimentation. On May 25, 2021, the campaign escalated as NOBELIUM leveraged the...
Read More
DESCRIPTION:A vulnerability has been discovered in Microsoft Windows JET DatabaseEngine that could allow for arbitrary code execution. Microsoft WindowsJET Database Engine provides data access to various applications such asMicrosoft Access, Microsoft Visual Basic, and third-party applications.Successful exploitation of this vulnerability could result in arbitrarycode execution within the context of the application, an attackergaining the same privileges as the logged-on user, or the bypassing ofsecurity restrictions....
Read More
Zeppelin ransomware is also referred to as Buran and has its origin in the Vega/VegaLocker family, a Delphi-based ransomware-as-a-service (RaaS).According to researcher Vitali Kremez, Zeppelin binaries are generated via a GUI wizard by affiliates who then distribute the malware in exchange for revenue sharing. Vega samples were first discovered in the beginning of 2019, being distributed alongside other widespread financial malware as part of a...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Acrobat and Reader is a family of application software and Webservices mainly used to create, view, and edit PDF documents.* Animate is a multimedia authoring computer animation program.* Experience Manager is a content management solution for buildingwebsites, mobile apps, and forms.* InCopy is a professional word...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Wi-Fi enabled devices,the most severe of which could allow for data exfiltration. IEEE 802.11is part of the IEEE 802 set of local area network technical standards,and specifies the set of medium access control and physical layerprotocols for implementing wireless local area network communication.Successful exploitation of the most severe of these vulnerabilitiescould allow an attacker to exfiltrate user data. IMPACT:*...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for arbitrary code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco SD-WAN vManageSoftware, the most severe of which could allow for arbitrary codeexecution. Cisco SD-WAN provides a centralized management interface ofan organization’s WAN including their cloud and data center environment.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to executeadministrative functions and obtain an admin account. An attacker couldthen view, change, or delete data;...
Read More
