相關新聞 | HKCERT

Password recovery tool infects industrial systems with Sality malware

A threat actor is infecting industrial control systems (ICS) to create a botnet through password "cracking" software for programmable logic controllers (PLCs).

Bleepingcomputer 2022年07月18日 267 觀看次數

PayPal phishing kit added to hacked WordPress sites for full ID theft

A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos. [...]

Bleepingcomputer 2022年07月15日 398 觀看次數

New Lilith ransomware emerges with extortion site, lists first victim

A new ransomware operation has been launched under the name 'Lilith,' and it has already posted its first victim on a data leak site created to support double-extortion attacks. [...]

Bleepingcomputer 2022年07月14日 408 觀看次數

New UEFI firmware flaws impact over 70 Lenovo laptop models

The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations. [...]

Bleepingcomputer 2022年07月14日 352 觀看次數

Hackers impersonate cybersecurity firms in callback phishing attacks

Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks.

Bleepingcomputer 2022年07月13日 315 觀看次數

Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs

Microsoft says a massive series of phishing attacks has targeted more than 10,000 organizations starting with September 2021, using the gained access to victims' mailboxes in follow-on business email compromise (BEC) attacks.

Bleepingcomputer 2022年07月13日 289 觀看次數

New ‘Luna Moth’ hackers breach orgs via fake subscription renewals

A new data extortion group has been breaching companies to steal confidential information, threatening victims to make the files publicly available unless they pay a ransom. The gang received the name Luna Moth and has been active since at least March in phishing campaigns that delivered remote access...

Bleepingcomputer 2022年07月13日 375 觀看次數

Hackers can unlock Honda cars remotely in Rolling-PWN attacks

A team of security researchers found that several modern Honda car models have a vulnerable rolling code mechanism that allows unlocking the cars or even starting the engine remotely. [...]

Bleepingcomputer 2022年07月12日 427 觀看次數

Microsoft says decision to unblock Office macros is temporary

Microsoft says last week's decision to roll back VBA macro auto-blocking in downloaded Office documents is only a temporary change. [...]

Bleepingcomputer 2022年07月12日 303 觀看次數

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems.

The Hacker News 2022年07月11日 294 觀看次數