相關新聞 | HKCERT

Cyberattackers Target Nuclear Waste Company via LinkedIn

The hackers were unsuccessful in their attempt, but this is not the first time the company has experienced this kind of attack.

Dark Reading 2024年01月03日 256 觀看次數

Google Settles Lawsuit Over Tracking 'Incognito Mode' Chrome Users

Google tracked privacy-conscious Internet users, and now it's paying for it.

Dark Reading 2024年01月03日 232 觀看次數

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. [...]

The Hacker News 2024年01月03日 235 觀看次數

Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data

The U.S. division of Xerox Business Solutions (XBS) has been compromised by hackers, and a limited amount of personal information might have been exposed, according to an announcement by the parent company, Xerox Corporation. [...]

Bleepingcomputer 2024年01月03日 237 觀看次數

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages...

The Hacker News 2024年01月01日 256 觀看次數

Android game dev’s Google Drive misconfig highlights cloud security risks

Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. [...]

Bleepingcomputer 2023年12月31日 192 觀看次數

New Black Basta decryptor exploits ransomware flaw to recover files

Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. [...]

Bleepingcomputer 2023年12月30日 166 觀看次數

EasyPark discloses data breach that may impact millions of users

Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December 10, 2023, which impacts an unknown number of its millions of users. [...]

Bleepingcomputer 2023年12月29日 235 觀看次數

Game mod on Steam breached to push password-stealing malware

Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. [...]

Bleepingcomputer 2023年12月29日 196 觀看次數

Microsoft disables MSIX protocol handler abused in malware attacks

Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware. [...]

Bleepingcomputer 2023年12月29日 202 觀看次數