相關新聞 | HKCERT

Microsoft 365 credentials targeted in new fake voicemail campaign

A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials.

Bleepingcomputer 2022年06月21日 397 觀看次數

Android-wiping BRATA malware is evolving into a persistent threat

The threat actors operating the BRATA banking trojan have evolved their tactics and incorporated new information-stealing features into their malware. [...]

Bleepingcomputer 2022年06月19日 385 觀看次數

QNAP NAS devices targeted by surge of eCh0raix ransomware attacks

This week a new series of ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage (NAS) devices according to user reports and sample submissions on the ID-Ransomware platform. [...]

Bleepingcomputer 2022年06月19日 383 觀看次數

MetaMask, Phantom warn of flaw that could steal your crypto wallets

MetaMask and Phantom are warning of a new 'Demonic' vulnerability that could expose a crypto wallet's secret recovery phrase, allowing attackers to steal NFTs and cryptocurrency stored within it.

Bleepingcomputer 2022年06月17日 298 觀看次數

New MaliBot Android banking malware spreads as a crypto miner

Cybersecurity researchers have discovered a new Android banking malware named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain.

Bleepingcomputer 2022年06月17日 296 觀看次數

Cisco Secure Email bug can let attackers bypass authentication

Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into the web management interface of Cisco email gateway appliances with non-default configurations. [...]

Bleepingcomputer 2022年06月16日 303 觀看次數

New peer-to-peer botnet infects Linux servers with cryptominers

A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sector to mine cryptocurrency. [...]

Bleepingcomputer 2022年06月16日 305 觀看次數

New Hertzbleed side-channel attack affects Intel, AMD CPUs

A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys by observing variations in CPU frequency enabled by dynamic voltage and frequency scaling (DVFS).

BleepingComputer 2022年06月15日 294 觀看次數

New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials

A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction.

The Hacker News 2022年06月15日 310 觀看次數

Kaiser Permanente data breach exposes health data of 69K people

Kaiser Permanente, one of America's leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals. [...]

Bleepingcomputer 2022年06月14日 294 觀看次數