Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or IOTrooper. Ankit Anubhav, researcher at NewSky Security first identified the code on Monday that was posted...
Read More
The massive size of the WordPress plugins ecosystem is starting to show signs of rot, as yet another incident has been reported involving the sale of old abandoned plugins to new authors who immediately proceed to add a backdoor to the original code. The WordPress security team has intervened and removed all plugins from the official WordPress Plugins Directory. WordPress security firm Wordfence discovered the...
Read More
ডাউনলোড এর জন্য ভিসিট করুন www.cirt.gov.bd মোবাইল অ্যাপ্লিকেশনটির ডাউনলোড লিংক https://play.google.com/store/apps/details?id=com.cirt.axion.bdcirt (প্লে-ষ্টোরে গিয়ে BGD e-GOV CIRT লিখে সার্চ করলেও পাওয়া যাবে) অথবা, এই QR কোডটি স্ক্যান করুন – BGD e-GOV CIRT এর লক্ষ্য BGD e-GOV CIRT এর লক্ষ্য হলো বাংলাদেশের অভ্যন্তরে আইসিটি কর্মসূচী বিকাশ ও সম্প্রসারণের লক্ষ্যে সাইবার সিকিউরিটি বিষয়ক যেকোনো ব্যবস্থাপনায় (incident management) দক্ষতা প্রতিষ্ঠার মাধ্যমে সরকারের প্রচেষ্টাকে ফলপ্রসূ করা। সাইবার নিরাপত্তা প্রদানের প্রচেষ্টা...
Read More
Description: Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. This attack only affects Windows operating systems. Other operating systems are unaffected. Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/
VMware has released security updates to address four vulnerabilities in its ESXi, vCenter Server Appliance (vCSA), Workstation and Fusion products. The flaws were addressed with the release of six patches for ESXi, version 12.5.8 of Workstation, version 8.5.9 of Fusion, and version 6.5 U1d of vCSA. Some of the flaws could be exploited by an attacker for arbitrary code execution. Security experts from Cisco Talos group discovered...
Read More
We found a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named this Digmine based on the moniker (비트코인 채굴기 bot) it was referred to in a report of recent related incidents in South Korea. We’ve also seen Digmine spreading in other regions such as Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela. It’s not far-off for Digmine to reach other countries...
Read More
Data centers aren’t exactly going extinct, but given the massive shift to public clouds, you need to make some significant adjustments if your mindset doesn’t already include or understand the cloud. The problem is that not every organization knows how to prepare for and embrace the cloud-driven future. It can take some major mental adjustments to shift mindset from on-prem environments based on the data center,...
Read More
To be honest, this is not something that should come as a surprise. Many are involved with cybercrime because they feel that they are safe from arrest. It is also one of the few crimes that offer a helpdesk! Indeed within the majority of ransomware demands victims are given the option of communicating with those behind such malicious campaigns. One of the questions we often ask is...
Read More
Over the course of the current week, WordPress sites around the globe have been the targets of a massive brute-force campaign during which hackers attempted to guess admin account logins in order to install a Monero miner on compromised sites. The brute-force attack started on Monday morning, 03:00 AM UTC and is still going strong at the time of writing. Brute-force attack targets over 190,000...
Read More
Tens of thousands of long-range WiFi routers used to provide home wireless broadband, especially in remote or rural areas, are riddled with vulnerabilities that could let a hacker take over IT networks, security researchers said Tuesday. The vulnerabilities, some of which can be exploited remotely if the router’s management interface is directly connected to the internet, were discovered in Cambium Networks’ ePMP and cnPilot product...
Read More
