CVE-2022-1388: On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Impact: This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands,...
Read More
This report has been created by aggregating the first quarter’s acquired data for 2022 from threat intelligence sources, peer organization feeds, and OSINT assessments. BGD e-GOV CIRT conducted NO penetration testing attempts without well-established rules of engagement for the affected network owners. However, identified IOCs (Indicator of Compromises) were cross-examined by threat intelligence unit researchers for further verification to achieve ‘true positives.’ The sole purpose...
Read More
গত ২২-২৪ মার্চ ২০২২ তারিখে BGD e-GOV CIRT বাংলাদেশ সেনাবাহিনির এর জন্য Basic Cyber Security এর উপর ৩ দিন ব্যাপি প্রশিক্ষণের অয়োজন করে । সেখানে MIST এর কর্মকর্তারা অংশ গ্রহণ করে। প্রশিক্ষণ শেষে অংশগ্রহণকারীদের মাঝে সনদ বিতরন করা হয়।
গত ১৩ -১৬ মার্চ ২০২২ তারিখে BGD e-GOV CIRT বাংলাদেশ সেনাবাহিনির এর জন্য Secure Computer User এর উপর ৪ দিন ব্যাপি প্রশিক্ষণের অয়োজন করে । সেখানে Army Information Technology Support Organization এর কর্মকর্তারা অংশ গ্রহণ করে।
BGD e-Gov CIRT arranged a three days training on “Cybersecurity and Secure Computer User” for 20 officials of Information and Communication Technology Division from 22nd February 2022 to 24th February 2022. Senior Secretary of ICT Division N M Zeaul Alam PAA inaugurated the capacity building training for ICT Division. Joint Secretary, Deputy Secretary and other officials of ICT Division participated in the training.
DESCRIPTION: Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for escalation of privilege. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for escalation of privilege. Depending on the privileges associated with...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe products, themost severe of which could allow for Arbitrary Code Execution. * Premiere Rush is a video editor.* Illustrator is a vector graphics editor and design program.* Photoshop is a graphics editor.* Adobe After Effects is a digital visual effects, motion graphics, andcompositing application.* Creative Cloud is a cloud service provided by Adobe where its softwarecan be accessed...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft products, themost severe of which could allow for remote code execution in thecontext of the logged on user. Depending on the privileges associatedwith the user, an attacker could then install programs; view, change, ordelete data; or create new accounts with full user rights. Users whoseaccounts are configured to have fewer user rights on the system could beless impacted...
Read More
