相關新聞
Deepfake colleagues trick HK clerk into paying HK$200m
A clerk working for the Hong Kong branch of a multinational company gave HK$200 million of the firm's money to fraudsters after being tricked into joining a video conference where all the other participants were AI-generated deepfakes, police said on Sunday. [...
RTHK
2024年02月07日 270 觀看次數
Fortinet FortiSIEM Hit by Two 10/10 Severity Vulnerabilities
The FortiSIEM product from Fortinet has been found to have two new critical vulnerabilities, CVE-2024-23108 and CVE-2024-23109, which allow for remote code execution by unauthenticated attackers.
Cyware News
2024年02月07日 165 觀看次數
Ivanti devices hit by wave of exploits for latest security hole
At this point you might be better off just shutting the stuff down
Various miscreants are attempting to exploit the latest Ivanti flaw, a server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 that can be used to hijack equipment....
The Register
2024年02月06日 188 觀看次數
Microsoft Outlook December updates trigger ICS security alerts
Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates. [...]
Bleepingcomputer
2024年02月06日 221 觀看次數
Deepfake scammer walks off with $25 million in first-of-its-kind AI heist
Hong Kong firm tricked by simulation of multiple real people in video chat, including voices.
Ars Technica
2024年02月05日 194 觀看次數
Clorox says cyberattack caused $49 million in expenses
Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. [...]
Bleepingcomputer
2024年02月04日 188 觀看次數
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems. The German company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant...
The Hacker News
2024年02月03日 307 觀看次數
More Android apps riddled with malware spotted on Google Play
An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available on Google Play from April 1, 2021, through September 10, 2023. [...]
Bleepingcomputer
2024年02月02日 276 觀看次數
Hackers push USB malware payloads via news, media hosting sites
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. [...]
Bleepingcomputer
2024年02月01日 184 觀看次數
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks.
The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, ...
The Hacker News
2024年02月01日 226 觀看次數
