相關新聞
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. [...]
The Hacker News
2024年05月11日 118 觀看次數
Citrix warns admins to manually mitigate PuTTY SSH client bug
Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. [...]
Bleepingcomputer
2024年05月10日 55 觀看次數
New attack leaks VPN traffic using rogue DHCP servers
A new attack dubbed "TunnelVision" can route traffic outside a VPN's encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection. [...]
Bleepingcomputer
2024年05月08日 138 觀看次數
Billions of Android Devices Open to 'Dirty Stream' Attack
Microsoft has uncovered a common vulnerability pattern in several apps allowing code execution; at least four of the apps have more than 500 million installations each; and one, Xiaomi's File Manager, has at least 1 billion installations.
Dark Reading
2024年05月03日 142 觀看次數
CISA says GitLab account takeover bug is actively exploited in attacks
CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]
Bleepingcomputer
2024年05月02日 131 觀看次數
DropBox says hackers stole customer data, auth secrets from eSignature service
Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. [...]
Bleepingcomputer
2024年05月02日 111 觀看次數
Microsoft Graph API Emerges as a Top Attacker Tool to Plot Data Theft
Weaponizing Microsoft's own services for command-and-control is simple and costless, and it helps attackers better avoid detection.
Dark Reading
2024年05月02日 91 觀看次數
Microsoft won't fix Windows 0x80070643 errors, manual fix required
Microsoft has confirmed that it won't provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment (WinRE) updates. [...]
Bleepingcomputer
2024年05月02日 93 觀看次數
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests.
"This malware is modular, designed...
The Hacker News
2024年05月02日 124 觀看次數
Fake job interviews target developers with new Python backdoor
A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT).
Bleeping Computer
2024年04月29日 129 觀看次數
