相關新聞 | HKCERT

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way

Crucial flaw won't be fixed until next month Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances – including a zero-day flaw that won...

The Register 2021年04月21日 391 觀看次數

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks.

Threatpost 2021年04月20日 516 觀看次數

Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks

Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next.

Threatpost 2021年04月20日 442 觀看次數

WordPress core contributor proposes treating Google FLoC as a security vulnerability

Let's opt every WordPress site out of FLoC. Nice idea, but security update? Really? A proposal by a WordPress core contributor to treat Google's FLoC ad tech as a security vulnerability, and therefore backport an automatic opt-out to previous...

The Register 2021年04月20日 383 觀看次數

Growing reliance on third-party suppliers signals increasing security risks

Adversaries are turning their focus on cheaper, easier targets within an organisation's supply chain, especially as businesses increasingly acquire software from external suppliers.

ZDNet 2021年04月19日 281 觀看次數

Chrome and Chromium updated after yet another exploit is found in browser's V8 JavaScript engine

JS component seems to be focus of researchers and miscreants alike Google has announced new updates to Chrome 89 following the discovery of yet another live exploit for a vulnerability in the V8 JavaScript engine.…

The Register 2021年04月15日 339 觀看次數

FBI Clears ProxyLogon Web Shells from Hundreds of Orgs

In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand.

Threatpost 2021年04月15日 269 觀看次數

Ransomware Attack Creates Cheese Shortages in Netherlands

Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw.

Threatpost 2021年04月15日 493 觀看次數

Critical security alert: If you haven't patched this old VPN vulnerability, assume your network is compromised

Hundreds of organisations that haven't applied a Fortinet VPN security update released in 2019 should assume that cyber criminals are trying to take advantage, NCSC warns.

ZDNet 2021年04月13日 350 觀看次數

IcedID Circulates Via Web Forms, Google URLs

Attackers are filling out and submitting web-based "contact us" forms, thus evading email spam filters.

Threatpost 2021年04月13日 258 觀看次數