相關新聞 | HKCERT

Hive ransomware ports its Linux VMware ESXi encryptor to Rust

The Hive ransomware operation has converted their VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harder for security researchers to snoop on victim's ransom negotiations.

Bleepingcomputer 2022年03月28日 237 觀看次數

Okta: "We made a mistake" delaying the Lapsus$ hack disclosure

Okta has admitted that it made a mistake delaying the disclosure of hack from the Lapsus$ data extortion group that took place in January. Additionally, the company has provided a detailed timeline of the incident and its investigation activities.

Bleepingcomputer 2022年03月28日 270 觀看次數

Morgan Stanley client accounts breached in social engineering attacks

Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised following vishing attacks. [...]

Bleepingcomputer 2022年03月25日 284 觀看次數

Phishing kits constantly evolve to evade security software

Modern phishing kits sold on cybercrime forums as off-the-shelve packages feature multiple and sophisticated detection avoidance and traffic filtering systems to ensure that internet security solutions won't mark them as a threat. [...]

Bleepingcomputer 2022年03月25日 274 觀看次數

Hackers exploit new WPS Office flaw to breach betting firms

An unknown Chinese-speaking threat actor has been targeting betting companies in Taiwan, Hong Kong, and the Philippines, leveraging a vulnerability in WPS Office to plant a backdoor on the targeted systems.

Bleepingcomputer 2022年03月24日 294 觀看次數

Okta confirms support engineer's laptop was hacked in January

Okta, a major provider of access management systems, has completed its investigation into a breach incident claimed by the Lapsus$ data extortion group. [...]

Bleepingcomputer 2022年03月23日 222 觀看次數

'CryptoRom' Crypto Scam Abusing iPhone Features to Target Mobile Users

Social engineering attacks leveraging a combination of romantic lures and cryptocurrency fraud have been deceiving unsuspecting victims into installing fake apps by taking advantage of legitimate iOS features like TestFlight and Web Clips. Cybersecurity company Sophos, which has named the organized crime campaign "CryptoRom," characterized it...

The Hacker News 2022年03月22日 218 觀看次數

BitRAT malware now spreading as a Windows 10 license activator

A new BitRAT malware distribution campaign is underway, exploiting users looking to activate pirated Windows OS versions for free using unofficial Microsoft license activators.

BleepingComputer 2022年03月22日 213 觀看次數

Microsoft investigating claims of hacked source code repositories

Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data.

BleepingComputer 2022年03月22日 249 觀看次數

DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.

Threatpost 2022年03月21日 192 觀看次數