Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Indicator of compromise (IoC) of Transparent Trib

Transparent Tribe (also known as PROJECTM and MYTHIC LEOPARD) is a very prolific group that is well-known in the cybersecurity industry for its massive espionage campaigns. The APT group Transparent Tribe is mounting an ongoing cyberespionage campaign, researchers said, which is aimed at military and diplomatic targets around the world. Transparent Tribe mainly relies on both spear phishing and watering hole attacks to gain its...

Read More

0
08 Apr 2021
in Security Advisories & Alerts

Threat actor group “ALTDOS” targeting Bangladesh

Threat actor group “ALTDOS” operate by accessing and exfiltrating companies databases and have focus mainly on South-East Asia including Bangladesh.“ALTDOS” is known to extort companies for ransom for the data exfiltrated. Not much is known about this group, other than the breach reports. Target sectors: Financial-services,retail,communications,construction,energy,pharmaceuticals,telecommunications External Reference relared to “ALTDOS” threat actor:https://www.databreaches.net/thai-media-and-content-conglomerate-mono-next-public-company-hit-by-altdos-hackers/https://www.databreaches.net/thai-securities-trading-firm-goes-offline-after-cyberattack/

0
08 Apr 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in VMware vRealize Operations Manager Could Allow for Remote Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in VMware vRealizeOperations Manager, which could result in remote code execution. VMwarevRealize Operations Manager is an IT management platform which enablesvisibility, optimization and management of an organization’s physical,virtual and cloud infrastructure. This software comes within an APIwhich enables developers to build vRealize Operations Manager clients tocommunicate with the server over HTTP. Successful exploitation of thesevulnerabilities could allow an attacker to...

Read More

0
07 Apr 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in Cisco Jabber Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco Jabber the mostsevere of which could allow for arbitrary code execution. Cisco Jabberprovides instant messaging (IM), voice, video, voice messaging, desktopsharing, and conferencing on any device. Successful exploitation of themost severe of these vulnerabilities could allow an unauthenticated,remote attacker to execute code on the affected systems. Depending onthe privileges associated with the application, an attacker could theninstall programs;...

Read More

0
07 Apr 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in F5 BIG-IP and BIG-IQ Products Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in F5 products, the mostsevere of which could allow for remote code execution. * BIG-IP and BIG-IP Advanced WAF/ASM are a family of products coveringsoftware and hardware designed around application availability, accesscontrol, and security solutions.* BIG-IQ enables administrators to centrally manage BIG-IPinfrastructure across the IT landscape. It discovers, tracks, manages,and monitors physical and virtual BIG-IP devices – in the cloud,...

Read More

0
31 Mar 2021
in Security Advisories & Alerts

Multiple Vulnerabilities in ArubaNetworks Instant Access Point Could Allow for Arbitrary Code Execution

DESCRIPTION:Multiple vulnerabilities have been discovered in ArubaNetwork’s InstantAccess Point that could allow for arbitrary code execution. Aruba (aHewlett Packard Enterprise company) is the worldwide second-largestenterprise WLAN vendor. ArubaNetworks Instant Access Point is Wi-Fihardware which virtualizes Aruba Mobility Controller capabilities on802.11 access points (APs). Successful exploitation of thesevulnerabilities could allow an attacker to execute arbitrary code incontext of the user running the application. Depending on the...

Read More

0
31 Mar 2021
বাংলাদেশ কম্পিউটার কাউন্সিলে সাইবার নিরাপত্তা সম্পর্কিত কর্মশালা
in Articles, Bangla Articles, News

বাংলাদেশ কম্পিউটার কাউন্সিলে সাইবার নিরাপত্তা সম্পর্কিত কর্মশালা

বাংলাদেশ কম্পিউটার কাউন্সিলে অনুষ্ঠিত হলো দিনব্যাপী সাইবার নিরাপত্তা সম্পর্কিত অবহিতকরণ কর্মশালা। উক্ত কর্মশালায় মিলিটারি ইনস্টিটিউট অফ সায়েন্স অ্যান্ড টেকনোলজি, সংক্ষেপে এমআইএসটিতে অধ্যয়নরত সশস্ত্রবাহিনীর শিক্ষার্থী ও শিক্ষকবৃন্দ অংশগ্রহণ করেন। বুধবার সকাল ১০টা থেকে বিকাল ৫টা পর্যন্ত বাংলাদেশ কম্পিউটার কাউন্সিল এর সভাকক্ষে এ কর্মশালা অনুষ্ঠিত হয়। কর্মশালায় প্রধান অতিথি হিসেবে উপস্থিত ছিলেন বিসিসি’র নির্বাহী পরিচালক পার্থপ্রতিম দেব এবং কর্মশালাটি পরিচালনা করেন বিসিসি’র পরিচালক (সিএ অপারেশন ও নিরাপত্তা)...

Read More

0
16 Mar 2021
Page 4 of 134« First...23456...102030...Last »