相關新聞 | HKCERT

GoDaddy hack causes data breach affecting 1.2 million customers

In a data breach notification published today, GoDaddy said that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment.

BleepingComputer 2021年11月23日 183 觀看次數

Experts found 11 malicious Python packages in the PyPI repository

Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks.

Security Affairs 2021年11月19日 287 觀看次數

Thousands of Firefox users accidentally commit login cookies on GitHub

Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions.

The Register 2021年11月19日 233 觀看次數

MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption

A politically motivated group is paralyzing Israeli entities with no financial goal – and no intention of handing over decryption keys.

ThreatPost 2021年11月17日 208 觀看次數

SharkBot — A New Android Trojan Stealing Banking and Cryptocurrency Accounts

Cybersecurity researchers on Monday took the wraps off a new Android trojan that takes advantage of accessibility features on the devices to siphon credentials from banking and cryptocurrency services in Italy, the U.K., and the U.S.

The Hacker News 2021年11月17日 208 觀看次數

Emotet malware is back and rebuilding its botnet via TrickBot

The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware.

Bleeping Computer 2021年11月16日 189 觀看次數

Fake Ransomware Infection Spooks Website Owners

Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND .1 BITCOIN” were sitting at 6 last week and increased to 291 at the time of writing this.

Sucuri Blog 2021年11月16日 424 觀看次數

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam...

Krebs on Security 2021年11月14日 229 觀看次數

Top 10 Cybersecurity Best Practices to Combat Ransomware

Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.

Threatpost 2021年11月13日 193 觀看次數

Millions of Routers, IoT Devices at Risk from New Open-Source Malware

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities.

Threatpost 2021年11月12日 171 觀看次數