相關新聞 | HKCERT

Ivanti warns of new Connect Secure zero-day exploited in attacks

Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. [...]

Bleepingcomputer 2024年01月31日 151 觀看次數

Microsoft Teams phishing pushes DarkGate malware via group chats

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.

Bleeping Computer 2024年01月31日 210 觀看次數

Online ransomware decryptor helps recover partially encrypted files

CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption.

Bleeping Computer 2024年01月31日 197 觀看次數

Blackwood hackers hijack WPS Office update to install malware

A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.

Bleeping Computer 2024年01月26日 231 觀看次數

Hackers target WordPress database plugin active on 1 million sites

Malicious activity targeting a critical severity flaw in the ‘Better Search Replace’ WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours.

Bleeping Computer 2024年01月26日 149 觀看次數

iPhone apps abuse iOS push notifications to collect user data

Numerous iOS apps are using background processes triggered by push notifications to collect user data about devices, potentially allowing the creation of fingerprinting profiles used for tracking.

Bleeping Computer 2024年01月26日 210 觀看次數

Organizations need to switch gears in their approach to email security

Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware or ransomware attachments.

HelpNetSecurity 2024年01月26日 129 觀看次數

The dark side of 2023 Cybersecurity: Malware evolution and Cyber threats

In the ever-evolving cybersecurity landscape, 2023 witnessed a dramatic surge in the sophistication of cyber threats and malware. AT&T Cybersecurity Alien Labs reviewed the big events of 2023 and how malware morphed this year to try new ways to breach and wreak havoc.

Bleeping Computer 2024年01月26日 127 觀看次數

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. [...]

Bleepingcomputer 2024年01月25日 188 觀看次數

Ambient light sensors can reveal your device activity. How big a threat is it?

For now, there's no reason for concern, but that could change in coming years.

Ars Technica 2024年01月24日 165 觀看次數