相關新聞
CISA: Critical Microsoft SharePoint bug now actively exploited
CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution.
Bleeping Computer
2024年01月15日 208 觀看次數
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands.
The Hacker News
2024年01月15日 318 觀看次數
Framework discloses data breach after accountant gets phished
Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. [...]
Bleepingcomputer
2024年01月12日 385 觀看次數
Cisco says critical Unity Connection bug lets attackers get root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.
Bleeping Computer
2024年01月11日 196 觀看次數
Ivanti warns of Connect Secure zero-days exploited in attacks
Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways.
Bleeping Computer
2024年01月11日 215 觀看次數
Apache OFBiz zero-day pummeled by exploit attempts after disclosure
SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. [...]
The Register
2024年01月09日 222 觀看次數
Google: Malware abusing API is standard token theft, not an API issue
Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired.
Bleeping Computer
2024年01月08日 213 觀看次數
X users fed up with constant stream of malicious crypto ads
Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams.
Bleeping Computer
2024年01月08日 198 觀看次數
Hackers hijack govt and business accounts on X for crypto scams
Hackers are increasingly targeting verified accounts on X (formerly Twitter) belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams, phishing sites, and sites with crypto drainers. [...]
Bleepingcomputer
2024年01月05日 214 觀看次數
Ivanti warns critical EPM bug lets hackers hijack enrolled devices
Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server. [...]
Bleepingcomputer
2024年01月05日 200 觀看次數