WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes
Instant messaging app WhatsApp is down since 12.30 pm today as users are not able to send messages to group chats and only one tick was showing to messages sent to individuals. The messages sent to Group chats are not being delivered. Many WhatsApp users reported facing issues with their chats globally. Not only smartphone users but even WhatsApp web and WhatsApp desktop apps were...
Read More
বিজিডি ই-গভ সার্ট এর আয়োজনে আর্থিক প্রতিষ্ঠান সমূহের সাইবার ড্রিল ২০২২ অনুষ্ঠিত
তথ্য ও যোগাযোগ প্রযুক্তি বিভাগের আওতায় স্থাপিত বাংলাদেশ সরকারের জাতীয় কম্পিউটার ইনসিডেন্ট রেসপন্স টিম ‘বিজিডি ই-গভ সার্ট’ -এর বাৎসরিক আয়োজনে ২২-১০-২০২২ তারিখে ব্যাংক ও আর্থিক প্রতিষ্ঠান সমূহের জন্য একটি সাইবার ড্রিল অনুষ্ঠিত হয়। এ সাইবার ড্রিলে ব্যাংক ও আর্থিক প্রতিষ্ঠান হতে ৫০ টি টিমে ২৩২ জন সক্রিয়ভাবে অংশগ্রহণ করেন। ইস্টার্ন ব্যাংক লি. এর EBL Defend Ace টিম, এক্সিম ব্যাংক লি. এর EXM Cyber Rangers এবং...
Read More
Feature-Rich ‘Alchimist’ Cyberattack Framework Targets Windows, Mac, Linux Environments
Experts discovered a new attack framework, including a C2 tool dubbed Alchimist, used in attacks against Windows, macOS, and Linux systems. Researchers from Cisco Talos discovered a new, previously undocumented attack framework that included a C2 dubbed Alchimist. The framework is likely being used in attacks aimed at Windows, macOS, and Linux systems. The experts also spotted a new GoLang malware dubbed Insekt supporting remote...
Read More
Signal will remove support for SMS text messages on Android
Signal says it will start to phase out SMS and MMS message support from its Android app to streamline the user experience and prioritize security and privacy. While this announcement may surprise those who don’t know Signal can also be used to manage this type of text message, the Signal for Android app could be configured as the default SMS/MMS app since its beginning as TextSecure, an...
Read More
Worok: A New Cyber Espionage Group Targeting Private and Local Government Entities Mostly in Asia
A new cyber espionage threat group that has been previously unknown named Worok and has been observed using undocumented tools targeting private and local government entities mostly in Asia. Based on the report by ESET, the group has been active for at least 2020 and observed a significant break in operation from 2021-05 to 2022-01, but in 2022-02, their operation resumed, targeting an energy company, and a public...
Read More
by CIRT Team
Facebook warns about 400 password-stealing apps! Camera, beauty, VPN apps on the list
The tech giant has uncovered more than 400 malicious Android and iOS apps this year which steal usernames and passwords. 45 out of the 400 apps it found were on iOS, while the rest were on Android. They masquerade themselves as popular services like photo editors, games and VPNs to trick people into downloading them. How do these malicious apps work? Apart from displaying fun...
Read More
Microsoft confirms two Exchange Server zero days are being used in cyberattacks
Microsoft confirmed it is investigating two zero days affecting its Exchange Server software late Thursday following a report from Vietnamese cybersecurity firm GTSC that the vulnerabilities are being exploited in the wild. GTSC said it discovered the issues in August while doing security incident monitoring and response, then reported the issue to Microsoft’s Zero Day Initiative, which confirmed the bugs. The attacks GTSC reported chain together the two vulnerabilities. ...
Read More
The North Korean Lazarus Group Hacked Energy Providers Worldwide
INTRODUCTION Cisco Talos observed North Korean state-sponsored APT Lazarus Group conducting malicious activity between February and July 2022. Lazarus has been previously attributed to the North Korean government by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The entry vectors involve the successful exploitation of vulnerabilities in VMWare products to establish initial footholds into enterprise networks, followed by the deployment of the group’s custom malware implants, VSingle and YamaBot. In...
Read More
Vice Society: a discreet but steady double extortion ransomware group
What is Vice Society? Vice Society is a little-known double extortion group that joined the cybercrime ecosystem a year ago. Since then, it showed a steady activity, encrypting and exfiltrating its victim’s data and threatening their victims to leak their information to pressure them into paying a ransom. Unlike other RaaS (Ransomware-as-a-Service) double extortion groups, Vice Society focuses on getting into the victim system to deploy ransomware binaries...
Read More
by CIRT Team
আর্থিক প্রতিষ্ঠান সাইবার ড্রিল ২০২২
BGD e-GOV CIRT গত বছরের মত এবারও সকল আর্থিক প্রতিষ্ঠানে কর্মরত সাইবার পেশাজীবিদের অংশগ্রহণের মাধ্যমে তাদের সাইবার নিরাপত্তায় ইন্সিডেন্ট হ্যান্ডলিং বিষয়ে দক্ষতা বৃদ্ধি ও সাইবার নিরাপত্তার ধারণা দেওয়ার জন্য আগামী ২২ অক্টোবর ২০২২ তারিখে Financial Institution Cyber Drill 2022 এর আয়োজন করতে যাচ্ছে। Registration এর জন্য প্রতিটি দলের জন্য ১০,০০০ (দশ হাজার) টাকা নিবন্ধন ফি ধার্য্য করা হয়েছে যা CIRT এর e-shop এর মাধ্যমে পেমেন্ট...
Read More
