CIRT Team
in English articles
CYBER RESILIENCE IN ASIA-PACIFIC
Cyber resilience effort and strategy have traditionally been considered from the position of enabling governments and businesses to deliver the intended outcomes despite disruptions to information and communication systems. There has also been a general focus on the security and resilience of critical information infrastructures, such as industrial control systems,...
Read more
in Bangla Articles
জাতীয় সাইবার ড্রিল ২০২১, নিবন্ধন
সাম্প্রতিক সময়ে সাইবার আক্রমন বেড়ে যাওয়ায় বিভিন্ন প্রতিষ্ঠান নিজেদের তথ্য নিরাপত্তা নিশ্চিত করতে বিভিন্ন উপায় অবলম্বন করছে। তন্মধ্যে প্রতিষ্ঠানের ব্যবহারকারীদের সচেতনতা বৃদ্ধি ও সাইবার নিরাপত্তা কর্মীদের হাতে কলমে প্রশিক্ষন অন্যতম। সাইবার নিরাপত্তা কর্মীদের হাতে কলমে প্রশিক্ষন ও মুল্যায়নের মাধ্যম হিসেবে Capture The Flag (CTF) বিশ্বজুড়ে জনপ্রিয় ও বহুল সমাদৃত একটি...
Read more
in Security Advisories & Alerts
OBSERVED APT-C-61 THREAT ACTOR’S MALICIOUS ACTIVITIES TARGETING BANGLADESH
CYBER THREAT ALERT Cyber Threat Intelligence unit of BGD e-GOV CIRT recently observed a series of malicious and suspicious activities, organized by an unknown APT group named APT-C-61, which was being observed starting in mid-2021. In primary observation, till now the target was important organizations such as national institutions, military...
Read more
in Security Advisories & Alerts
CVE-2020-0951: Windows Defender Application Control Security Feature Bypass Vulnerability
Description: A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. The CVE-2020-0951 vulnerability affects both PowerShell 7 and PowerShell 7.1 versions.To...
Read more
in Security Advisories & Alerts
CVE-2021-41355: .NET Core and Visual Studio Information Disclosure Vulnerability
Description: An Information Disclosure vulnerability exists in .NET where System.DirectoryServices.Protocols.LdapConnection may send credentials in plain text on non-Windows Operating systems. CVE-2021-41355 impacts users of PowerShell 7.1.To check the PowerShell version you are running and determine if you are vulnerable to attacks exploiting these two bugs, you can execute the pwsh...
Read more
in Security Advisories & Alerts
A Vulnerability in Microsoft MSHTML Could Allow for Remote Code Execution
DESCRIPTION:A vulnerability has been discovered in Microsoft MSHTML, which couldallow for remote code execution. MSHTML (also known as Trident) is theengine used for Internet Explorer. It is also used by Microsoft Officeapplications for rendering web based content. Successful exploitation ofthis vulnerability could result in remote code execution in the contextof...
Read more
in Security Advisories & Alerts
Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox,Firefox Extended Support Release (ESR), and Thunderbird, the most severeof which could allow for arbitrary code execution. Mozilla Firefox is aweb browser used to access the Internet. Mozilla Firefox ESR is aversion of the web browser intended to be deployed in largeorganizations. Successful...
Read more
