相關新聞
Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild
iOS 15.3 & iPadOS 15.3 fix the Safari browser flaw that could have spilled users’ browsing data, plus a zero day IOMobileFrameBuffer bug exploited in the wild.
Threatpost
2022年01月27日 204 觀看次數
![](https://media.threatpost.com/wp-content/uploads/sites/103/2021/10/27115334/apple-with-bandaid-e1635350026287.jpeg)
New Year, New Threats: 4 Tips to Activate Your Best Cyber-Defense
Need a blueprint for architecting a formidable cyber-defense? Kerry Matre, senior director at Mandiant, shares hers in this detailed breakdown.
Threatpost
2022年01月27日 205 觀看次數
![](https://media.threatpost.com/wp-content/uploads/sites/103/2022/01/26151713/knight-cyber-defense-scaled-e1643228405151.jpeg)
Attackers now actively targeting critical SonicWall RCE bug
A critical severity vulnerability impacting SonicWall's Secure Mobile Access (SMA) gateways addressed last month is now targeted in ongoing exploitation attempts.
ZDnet
2022年01月26日 192 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2022/01/24/Sonicwall.jpg)
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by...
ZDnet
2022年01月26日 187 觀看次數
Trellix finds OneDrive malware targeting government officials in Western Asia
Hackers are using Microsoft OneDrive in a multi-stage espionage campaign aimed at high-ranking government officials in Western Asia, according to a new report from Trellix.
ZDnet
2022年01月26日 211 觀看次數
Linux Servers at Risk of RCE Due to Critical CWP Bugs
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.
Threatpost
2022年01月25日 192 觀看次數
![](https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/01164740/Linux-OS.jpg)
Log4j: Mirai botnet found targeting ZyXEL networking devices
A report explained that the Log4j vulnerability is being used to "infect and assist in the proliferation of malware used by the Mirai botnet."
ZDnet
2022年01月25日 225 觀看次數
![](https://www.zdnet.com/a/img/resize/ae87ac070a5b3d088fcafae17c131be3067edb71/2022/01/10/d0db5c59-423a-428b-a098-a043e397f51b/shutterstock-2090832775.jpg?width=770&height=578&fit=crop&auto=webp)
FBI warns of malicious QR codes used to steal your money
The Federal Bureau of Investigation (FBI) warned Americans this week that cybercriminals are using maliciously crafted Quick Response (QR) codes to steal their credentials and financial info.
BleepingComputer
2022年01月24日 310 觀看次數
![](https://www.bleepstatic.com/content/hl-images/2022/01/21/FBI_QR_Code.jpg)
Hackers hijack smart contracts in cryptocurrency token 'rug pull' exit scams
Misconfiguration provides the perfect opportunity for token-based theft.
ZDnet
2022年01月24日 182 觀看次數
![](https://www.zdnet.com/a/img/resize/2271ef902266baeee69e832e2e10f13be07ab0bb/2019/01/23/ea1e5dd9-47ff-4ef1-bdc1-4cc05b9b1126/istock-cryptocurrency-coins.jpg?width=770&height=578&fit=crop&auto=webp)
Box 2FA Bypass Opens User Accounts to Attack
A security bug in the file-sharing cloud app could have allowed attackers using stolen credentials to skate by one-time SMS code verification requirements.
Threatpost
2022年01月20日 181 觀看次數
![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/11104331/2FA_two-factor-authentication.jpg)