The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of January 2020.
We are all familiar with the Elastic Stack for various purposes. Today, I will let you know about a feature which was previously paid one, but in Elastic Stack 7.0 it has been made free. Role based access control is a feature which will allow users to have permission in specific domain only. This is a must need for a large environment where there are...
Read More
Summary New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats. On January 14, 2020, Microsoft released software fixes to address 49 vulnerabilities as part of their monthly Patch Tuesday announcement. Among...
Read More
Today, Microsoft released patch for CVE-2020-0601, a vulnerability in windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. This was discovered and reported by National Security Agency (NSA) Researchers. The vulnerability affects Windows 10 and Windows Server 2016/2019 systems. This is a serious vulnerability and patches should be applied immediately. An attacker could exploit this vulnerability by using a spoofed code-signing certificate, meaning an...
Read More
For a long period of time phishing is one of the major cyber threats in cyberspace. Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.[1] For past few years we have noticed a rise in the phishing attack in all part of the globe. Anti Phishing...
Read More
Description: Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more...
Read More
Description: Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: Cisco Data Center Network...
Read More
Description: Microsoft has released information about CVE-2019-1491, a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1491 https://support.microsoft.com/en-us/help/20191210/security-update-deployment-information-december-10-2019
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of November – December 2019.
The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security. Report : Following is the CVE report from BGD e-GOV CIRT for the month of October 2019.
