相關新聞 | HKCERT

QNAP urges customers to disable UPnP port forwarding on routers

Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. [...]

Bleepingcomputer 2022年04月20日 149 觀看次數

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations.

The Hacker News 2022年04月19日 170 觀看次數

New EnemyBot DDoS botnet recruits routers and IoTs into its army

A new Mirai-based botnet malware named Enemybot has been observed growing its army of infected devices through vulnerabilities in modems, routers, and IoT devices, with the threat actor operating it known as Keksec. [...]

Bleepingcomputer 2022年04月14日 188 觀看次數

US warns of govt hackers targeting industrial control systems

A joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy (DOE) warns of government-backed hacking groups being able to hijack multiple industrial devices using a new ICS-focused malware toolkit. [...]

Bleepingcomputer 2022年04月14日 202 觀看次數

Critical flaw in Elementor WordPress plugin may affect 500k sites

The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites. [...]

Bleepingcomputer 2022年04月13日 213 觀看次數

Critical HP Teradici PCoIP flaws impact 15 million endpoints

HP is warning of new critical security vulnerabilities in the Teradici PCoIP client and agent for Windows, Linux, and macOS that impact 15 million endpoints.

BleepingComputer 2022年04月13日 160 觀看次數

Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware

The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022.

Thehackernews 2022年04月11日 166 觀看次數

FIN7 crime-gang pen tester headed to US prison for five years

He's the third FIN7 gangster to face time behind bars Another member of notorious cybercrime ring FIN7 is headed to jail after the gang breached major companies' networks across the US and stole more than $1 billion from these businesses' customers.…

The Register 2022年04月08日 211 觀看次數

Microsoft takes down APT28 domains used in attacks against Ukraine

Microsoft has successfully disrupted attacks against Ukrainian targets coordinated by the Russian APT28 hacking group after taking down seven domains used as attack infrastructure. [...]

Bleepingcomputer 2022年04月08日 172 觀看次數

This new malware targets AWS Lambda environments

A new malware variant that targets AWS Lambda has been discovered.

ZDNet 2022年04月07日 154 觀看次數