CIRT Team
in CVE, Security Advisories & Alerts
CVE-2022-1388 : BIG-IP iControl REST vulnerability
CVE-2022-1388: On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Impact: This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands,...
Read More
in English articles, News, Publications
Horizon Scanning Report for Bangladesh Telecom Operators
This report has been created by aggregating the first quarter’s acquired data for 2022 from threat intelligence sources, peer organization feeds, and OSINT assessments. BGD e-GOV CIRT conducted NO penetration testing attempts without well-established rules of engagement for the affected network owners. However, identified IOCs (Indicator of Compromises) were cross-examined by threat intelligence unit researchers for further verification to achieve ‘true positives.’ The sole purpose...
Read More
in Bangla Articles, News
BGD e-Gov CIRT Arranged Three Days of Training on “Basic Cyber Security” For Bangladesh Army
গত ২২-২৪ মার্চ ২০২২ তারিখে BGD e-GOV CIRT বাংলাদেশ সেনাবাহিনির এর জন্য Basic Cyber Security এর উপর ৩ দিন ব্যাপি প্রশিক্ষণের অয়োজন করে । সেখানে MIST এর কর্মকর্তারা অংশ গ্রহণ করে। প্রশিক্ষণ শেষে অংশগ্রহণকারীদের মাঝে সনদ বিতরন করা হয়।
in Bangla Articles, News
BGD e-Gov CIRT Arranged Four Days of Training on “Cybersecurity and Secure Computer User” For Bangladesh Army
গত ১৩ -১৬ মার্চ ২০২২ তারিখে BGD e-GOV CIRT বাংলাদেশ সেনাবাহিনির এর জন্য Secure Computer User এর উপর ৪ দিন ব্যাপি প্রশিক্ষণের অয়োজন করে । সেখানে Army Information Technology Support Organization এর কর্মকর্তারা অংশ গ্রহণ করে।
in English articles, News
BGD e-Gov CIRT Arranged Three Days of Training on “Cybersecurity and Secure Computer User”
BGD e-Gov CIRT arranged a three days training on “Cybersecurity and Secure Computer User” for 20 officials of Information and Communication Technology Division from 22nd February 2022 to 24th February 2022. Senior Secretary of ICT Division N M Zeaul Alam PAA inaugurated the capacity building training for ICT Division. Joint Secretary, Deputy Secretary and other officials of ICT Division participated in the training.
in Security Advisories & Alerts
Multiple Vulnerabilities in Google Android OS Could Allow for Escalation of Privilege
DESCRIPTION: Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for escalation of privilege. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for escalation of privilege. Depending on the privileges associated with...
Read More
in Security Advisories & Alerts
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe products, themost severe of which could allow for Arbitrary Code Execution. * Premiere Rush is a video editor.* Illustrator is a vector graphics editor and design program.* Photoshop is a graphics editor.* Adobe After Effects is a digital visual effects, motion graphics, andcompositing application.* Creative Cloud is a cloud service provided by Adobe where its softwarecan be accessed...
Read More
