相關新聞 | HKCERT

With 18,378 vulnerabilities reported in 2021, NIST records fifth straight year of record numbers

A record 18,378 vulnerabilities were reported in 2021 but the number of high severity vulnerabilities was lower than 2020.

ZDnet 2021年12月09日 208 觀看次數

Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers

Experts spotted a series of malvertising campaigns using fake installers of popular apps and games to deliver a backdoor and a malicious Chrome extension.

Security Affairs 2021年12月07日 260 觀看次數

FBI: Cuba ransomware group hit 49 critical infrastructure organizations

The FBI claimed the group has made at least $43.9 million in ransom payments.

ZDnet 2021年12月04日 238 觀看次數

Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. <!--...

The Hacker News 2021年12月04日 251 觀看次數

New malware hides as legit nginx process on e-commerce servers

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions.

Bleeping Computer 2021年12月03日 260 觀看次數

Nine WiFi routers used by millions were vulnerable to 226 flaws

Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware.

Bleeping Computer 2021年12月03日 261 觀看次數

Emotet now spreads via fake Adobe Windows App Installer packages

The Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software.

Bleeping Computer 2021年12月02日 247 觀看次數

Critical Wormable Security Flaw Found in Several HP Printer Models

Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks. The two weaknesses...

The Hacker News 2021年12月01日 255 觀看次數

It's the flu season – FluBot, that is: Surge of info-stealing Android malware detected

And a bunch of bank-account-raiding trojans also identified FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland.…

The Register 2021年12月01日 285 觀看次數

Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation.

The Hacker News 2021年11月30日 278 觀看次數