相關新聞
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
DARKReading
2022年08月04日 405 觀看次數
Microsoft accounts targeted with new MFA-bypassing phishing kit
A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication.
BleepingComputer
2022年08月04日 284 觀看次數
VirusTotal Reveals Most Impersonated Software in Malware Attacks
Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering attack.
The Hacker News
2022年08月04日 269 觀看次數
VMware urges admins to patch critical auth bypass bug immediately
VMware has warned admins today to patch a critical authentication bypass security flaw affecting local domain users in multiple products and enabling unauthenticated attackers to gain admin privileges.
Bleepingcomputer
2022年08月03日 278 觀看次數
Bot army risk as 3,000+ apps found spilling Twitter API keys
Please stop leaving credentials where miscreants can find them
Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications.…
The Register
2022年08月02日 213 觀看次數
Facebook ads push Android adware with 7 million installs on Google Play
Several adware apps promoted aggressively on Facebook as system cleaners and optimizers for Android devices are counting millions of installations on Google Play store. [...]
Bleepingcomputer
2022年07月30日 243 觀看次數
As Microsoft blocks Office macros, hackers find new attack vectors
Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut (LNK) attachments.
BleepingComputer
2022年07月28日 249 觀看次數
FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft
Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices....
The Register
2022年07月28日 227 觀看次數
Google once again delays phasing out third-party cookies
Chrome will now fully support the tracking technology until the second half of 2024
ZDnet
2022年07月28日 207 觀看次數
We're likely only seeing 'the tip of the iceberg' of Pegasus spyware use against the US
House intel chair raises snoop tool concerns as Google and others call for greater crack down Google and internet rights groups have called on Congress to weigh in on spyware, asking for sanctions and increased enforcement against so-called legit surveillanceware makers.…
The Register
2022年07月28日 291 觀看次數