相關新聞 | HKCERT

DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack

A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that...

The Hacker News 2024年03月14日 209 觀看次數

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. [...]

Bleepingcomputer 2024年03月14日 178 觀看次數

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.

Bleeping Computer 2024年03月14日 184 觀看次數

Malawi Passport System Back Online After Debilitating Cyberattack

Passport printing and distribution will resume first in Lilongwe as the immigration system gets back on its feet.

Dark Reading 2024年03月14日 143 觀看次數

PixPirate Android malware uses new tactic to hide on phones

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed.

Bleeping Computer 2024年03月14日 184 觀看次數

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs

Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. [...]

Bleepingcomputer 2024年03月13日 185 觀看次數

Microsoft says Windows 10 21H2 support is ending in June

Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. [...]

Bleepingcomputer 2024年03月12日 168 觀看次數

Researchers expose Microsoft SCCM misconfigs usable in cyberattacks

Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. [...]

Bleepingcomputer 2024年03月12日 164 觀看次數

Fake Leather wallet app on Apple App Store is a crypto drainer

The developers of the Leather cryptocurrency wallet are warning of a fake app on the Apple App Store, with users reporting it is a wallet drainer that stole their digital assets. [...]

Bleepingcomputer 2024年03月11日 134 觀看次數

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-...

The Hacker News 2024年03月11日 173 觀看次數