Author Archives: CIRT Team



CIRT Team

in CVE, Security Advisories & Alerts

Linux Kernel eBPF local privilege escalation (CVE-2022-23222) vulnerability

Description:kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Impact: A local attacker...

Read more

0
20 Jun 2022
in Security Advisories & Alerts

Microsoft Releases June 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CVE-2022-30190, also known as “Follina” — the RCE vulnerability in the Microsoft Windows Support Diagnostic Tool that was disclosed in late May and exploited...

Read more

0
20 Jun 2022
in CVE, Security Advisories & Alerts

Follina / CVE-2022-30190: New Microsoft Office zero-day

Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute maliciously PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document. Workarounds: In Microsoft Defender’s Attack Surface Reduction (ASR) activating the rule “Block all Office applications from creating child...

Read more

0
01 Jun 2022
Horizon Scanning Report for Bangladesh Telecom Operators
in English articles, News, Publications

Horizon Scanning Report for Bangladesh Telecom Operators

This report has been created by aggregating the first quarter’s acquired data for 2022 from threat intelligence sources, peer organization feeds, and OSINT assessments. BGD e-GOV CIRT conducted NO penetration testing attempts without well-established rules of engagement for the affected network owners. However, identified IOCs (Indicator of Compromises) were cross-examined...

Read more

0
24 Apr 2022
BGD e-Gov CIRT Arranged Three Days of Training on “Basic Cyber Security” For Bangladesh Army
in Bangla Articles, News

BGD e-Gov CIRT Arranged Three Days of Training on “Basic Cyber Security” For Bangladesh Army

গত ২২-২৪ মার্চ ২০২২ তারিখে BGD e-GOV CIRT বাংলাদেশ সেনাবাহিনির এর জন্য Basic Cyber Security এর উপর ৩ দিন ব্যাপি প্রশিক্ষণের অয়োজন করে । সেখানে MIST এর কর্মকর্তারা অংশ গ্রহণ করে। প্রশিক্ষণ শেষে অংশগ্রহণকারীদের মাঝে সনদ বিতরন করা হয়।

0
28 Mar 2022
BGD e-Gov CIRT Arranged Four Days of Training on “Cybersecurity and Secure Computer User” For Bangladesh Army
in Bangla Articles, News

BGD e-Gov CIRT Arranged Four Days of Training on “Cybersecurity and Secure Computer User” For Bangladesh Army

গত ১৩ -১৬ মার্চ ২০২২ তারিখে BGD e-GOV CIRT বাংলাদেশ সেনাবাহিনির এর জন্য Secure Computer User এর উপর ৪ দিন ব্যাপি প্রশিক্ষণের অয়োজন করে । সেখানে Army Information Technology Support Organization এর কর্মকর্তারা অংশ গ্রহণ করে।

0
21 Mar 2022
Page 1 of 512345