A Step-By-Step Guide to Securing a Tomcat Server With LetsEncrypt SSL Certificate
Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. If you’re using Apache Tomcat as a Server for your web-application , chances are that at least some of the data you’re handling is sensitive, and SSL...
Read more
![2019 CWE Top 25 Most Dangerous Software Errors [mitre]](https://www.cirt.gov.bd/wp-content/uploads/2019/09/2019CWETop25-420x390.png)
2019 CWE Top 25 Most Dangerous Software Errors [mitre]
Introduction The Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Errors (CWE Top 25) is a demonstrative list of the most widespread and critical weaknesses that can lead to serious vulnerabilities in software. These weaknesses are often easy to find and exploit. They are dangerous because they will frequently...
Read more
Security Tip (ST19-003) Privacy and Mobile Device Apps
What are the risks associated with mobile device apps? Applications (apps) on your smartphone or other mobile devices can be convenient tools to access the news, get directions, pick up a ride share, or play games. But these tools can also put your privacy at risk. When you download an...
Read more
Operation Tripoli
A large-scale campaign has been distributing malware on Facebook for an unspecified number of years primarily targeting the country of Libya, according to Check Point researchers. The threat actors behind this campaign are utilizing the geopolitical and political pages themed around Libya that attempt to convince individuals to download malicious...
Read more
New FinSpy iOS and Android implants revealed ITW
FinSpy is spyware made by the German company Gamma Group. Through its UK-based subsidiary Gamma International Gamma Group sells FinSpy to government and law enforcement organizations all over the world. FinSpy is used to collect a variety of private user information on various platforms. Its implants for desktop devices were...
Read more
Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers
An advanced, persistent attack targeting telecommunication providers, active since at least 2012, according to Cybereason researchers. The attack, dubbed Operation Soft Cell, was aiming to obtain all data stored in the active directory of a large telecommunications provider, compromising usernames and passwords within the organization, as well as billing information,...
Read more
Sodinokibi Ransomware Now Pushed by Exploit Kits and Malvertising
Exploit kit researcher nao_sec has discovered “Sodinokibi” ransomware is now being distributed though malvertising that leads to the RIG exploit kit. Sodinokibi has been making news since the “GandCrab” family of ransomware has retired, but by distributing through hacking sites to replace legitimate software with ransomware, and by hacking into...
Read more
Riltok mobile Trojan: A banker with global reach
Kaspersky Lab researchers have identified a new variant of the Riltok mobile banking trojan that has been in operation since March 2018. The actors distributing Riltok have primarily focused on targeting individuals that reside in Russia, but versions for markets in France, Italy, Ukraine, and the United Kingdom have been...
Read more
বিজিপি রুট লিক (BGP Route Leak) এবং প্রতিকারে সম্ভাব্য করণীয়
বিজিপি রুট লিক (BGP Route Leak) কি? ইন্টারনেট ইঞ্জিনিয়ারিং টাস্ক ফোর্স (আইইটিএফ/ IETF) এর RFC 7908 মতে বিজিপি রুট লিক (BGP Route Leak) নিমক্ত ভাবে সংজ্ঞায়িত করা হয়েছেঃ “The propagation of routing announcement(s) beyond their intended scope. That is, an announcement from an Autonomous System (AS) of a learned BGP...
Read more
High Commissioner of India, Dhaka visits BGD e-GOV CIRT Operations Center
High Commissioner of India, Ms Riva Ganguly Das has visited BGD e-GOV CIRT Security operations center on 19 June, 2019. She visited different components of BGD e-GOV CIRT and got briefed about the daily activities of security operations center, cycler censor activities, cyber range lab and digital forensic lab. Hon’ble...
Read more
