The Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT), BCC is working to protect the nation’s cyberspace by proactively managing computer security incidents and related threats. As the long Eid holidays approach, cybercriminals may attempt to exploit security gaps due to reduced monitoring and response capabilities. The CTI unit of BGD e-GOV CIRT has recently detected multiple web-based attack attempts, particularly targeting non-office hours...
As part of BGD e-GOV CIRT's continuous efforts to monitor emerging threats and vulnerabilities that could compromise national security, our Cyber Threat Intelligence Unit has identified 600 vulnerable PRTG instances in Bangladesh affected by CVE-2018-19410, a critical-severity vulnerability. This Local File Inclusion (LFI) and Authentication Bypass flaw is actively exploited by cybercriminals and is listed in CISA’s Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability, affecting PRTG...
TLP: CLEAR | Distribution: Public | Type of Threat: Phishing E-Mail | Date: 12 January 2025 | Executive Summary: Recently, we have observed a surge in phishing attacks targeting various government organizations, law enforcement agencies, educational institutions, and others, with the attacks spreading further through compromised accounts. This campaign aims to steal sensitive information by impersonating official entities and leveraging malicious attachments and links. This advisory provides details...
TLP: CLEAR | Distribution: Public | Type of Threat: RCE Vulnerability (CVE-2023-46747) | Date: 06 November 2024 | Executive Summary: The Cyber Threat Intelligence Unit of the Bangladesh e-GOV Computer Incident Response Team (BGD e-GOV CIRT) has uncovered active evidence of compromise associated with a critical vulnerability in F5 BIG-IP systems, widely used across Bangladesh’s IT infrastructure. The investigation revealed that attackers managed to gain shell access on...
The Cyber Threat Intelligence (CTI) Unit at BGD e-GOV CIRT has recently identified a stealer malware campaign linked to the notorious Lumma Stealer malware family. Further investigation has revealed that multiple variants of stealer malware are being distributed using similar tactics. This report details how our threat intelligence researchers detected and analyzed this evolving malware campaign. Our CTI Unit has been actively monitoring stealer malware...