相關新聞 | HKCERT

Microsoft Expands Access to Windows Recall AI Feature

The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.

Dark Reading 2024年12月07日 71 觀看次數

Veeam Urges Updates After Discovering Critical Vulnerability

The vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the latest patch.

Dark Reading 2024年12月05日 92 觀看次數

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA).

The Hacker News 2024年12月04日 108 觀看次數

Exploit released for critical WhatsUp Gold RCE flaw, patch now

A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible.

Bleeping Computer 2024年12月04日 101 觀看次數

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

The recently uncovered 'Bootkitty' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka 'LogoFAIL,' to infect computers running on a vulnerable UEFI firmware. [...]

Bleepingcomputer 2024年12月03日 78 觀看次數

Gen AI could speed up coding, but businesses should still consider risks

Organizations keen to fund gen AI-powered software development for the anticipated benefits should also understand that this may come with adverse effects.

ZDnet 2024年11月28日 123 觀看次數

Hackers abuse popular Godot game engine to infect thousands of PCs

Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. [...]

Bleepingcomputer 2024年11月28日 107 觀看次數

Hackers exploit ProjectSend flaw to backdoor exposed servers

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. [...]

Bleepingcomputer 2024年11月28日 102 觀看次數

Microsoft re-releases Exchange updates after fixing mail delivery

Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules. [...]

Bleepingcomputer 2024年11月28日 96 觀看次數

New NachoVPN attack uses rogue VPN servers to install malicious updates

A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. [...]

Bleepingcomputer 2024年11月27日 105 觀看次數