相關新聞 | HKCERT

Hackers Deploy IceApple Exploitation Framework on Hacked MS Exchange Servers

Researchers have detailed a previously undocumented .NET-based post-exploitation framework called IceApple that has been deployed on Microsoft Exchange server instances to facilitate reconnaissance and data exfiltration.

Bleepingcomputer 2022年05月13日 175 觀看次數

HP fixes bug letting attackers overwrite firmware in over 200 models

HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which allow code to run with Kernel privileges.

Bleepingcomputer 2022年05月12日 275 觀看次數

Critical F5 BIG-IP vulnerability targeted by destructive attacks

A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device's file system and make the server unusable.

Bleepingcomputer 2022年05月11日 300 觀看次數

New REvil Samples Indicate Ransomware Gang is Back After Months of Inactivity

The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed.

The hacker news 2022年05月11日 298 觀看次數

Kaspersky uncovers fileless malware inside Windows event logs

The cybersecurity company says this is the first time they have seen this type of malware hiding method. The post Kaspersky uncovers fileless malware inside Windows event logs appeared first on TechRepublic.

TechRepublic 2022年05月10日 211 觀看次數

Microsoft releases fixes for Azure flaw allowing RCE attacks

Microsoft has released security updates to address a security flaw affecting Azure Synapse and Azure Data Factory pipelines that could let attackers execute remote commands across Integration Runtime infrastructure. [...]

Bleepingcomputer 2022年05月10日 197 觀看次數

Google to Add Passwordless Authentication Support to Android and Chrome

Google today announced plans to implement support for passwordless logins in Android and the Chrome web browser to allow users to seamlessly and securely sign in across different devices and websites irrespective of the platform. [...]

The Hacker News 2022年05月06日 253 觀看次數

Researchers Disclose Years-Old Vulnerabilities in Avast and AVG Antivirus

Two high-severity security vulnerabilities, which went undetected for several years, have been discovered in a legitimate driver that's part of Avast and AVG antivirus solutions. [...]

The Hacker News 2022年05月06日 464 觀看次數

Attackers hijack UK NHS email accounts to steal Microsoft logins

For about half a year, work email accounts belonging to over 100 employees of the National Health System (NHS) in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. [...]

Bleepingcomputer 2022年05月05日 333 觀看次數

Pixiv, DeviantArt artists hit by NFT job offers pushing malware

Users on Pixiv, DeviantArt, and other creator-oriented online platforms report receiving multiple messages from people claiming to be from the "Cyberpunk Ape Executives" NFT project, with the main goal to infect artists' devices with information-stealing malware. [.....

Bleepingcomputer 2022年05月05日 288 觀看次數