A targeted phishing campaign was identified originating from the compromised government/law enforcement email accounts. The attacker leveraged legitimate credentials to gain unauthorized access and send fraudulent emails to a wide range of recipients, primarily within government organizations and law enforcement agencies. This campaign reflects a well-coordinated credential-based phishing operation, targeting critical sectors to exploit trust within intra-government communications. The phishing emails typically include: Embedded phishing...
Read More
We would like to inform you that, based on current threat intelligence, there is a potential risk of a large-scale cyberattack targeting Bangladesh’s ICT infrastructure in the coming days. Likely targets include Critical Information Infrastructures (CII) and high-impact sectors such as banking, power, and public services. Recent attack patterns indicate a focus on web application exploitation, website defacement, compromised credentials, and Distributed Denial-of-Service (DDoS) attacks,...
Read More
BGD e-GOV CIRT, BCC remains committed to proactively securing the nation’s cyberspace. As the extended Eid holidays approach, we anticipate an increased risk of cyberattacks, as malicious actors often exploit periods of reduced monitoring and operational oversight. Our Cyber Threat Intelligence Unit has already identified widespread malware activity, including strains such as Android.vo1d and Avalanche-Andromeda, which have compromised thousands of IP addresses nationwide. In addition...
Read More
The Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT), BCC is working to protect the nation’s cyberspace by proactively managing computer security incidents and related threats. As the long Eid holidays approach, cybercriminals may attempt to exploit security gaps due to reduced monitoring and response capabilities. The CTI unit of BGD e-GOV CIRT has recently detected multiple web-based attack attempts, particularly targeting non-office hours...
Read More
As part of BGD e-GOV CIRT continuous efforts to monitor emerging threats and vulnerabilities that could compromise national security, our Cyber Threat Intelligence Unit has identified 600 vulnerable PRTG instances in Bangladesh affected by CVE-2018-19410—a critical-severity vulnerability. This Local File Inclusion (LFI) and Authentication Bypass flaw is actively exploited by cybercriminals and is listed in CISA’s Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability, affecting PRTG...
Read More
