相關新聞 | HKCERT

Avira antivirus causes Windows computers to freeze after boot

Since Friday, Windows users have reported problems with the operating system freezing shortly after booting, an issue linked to a faulty update for Avira's security software. [...]

Bleepingcomputer 2023年12月13日 234 觀看次數

Sophos backports RCE fix after attacks on unsupported firewalls

Sophos was forced to backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks. [...]

Bleepingcomputer 2023年12月13日 241 觀看次數

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. [...]

Bleepingcomputer 2023年12月12日 227 觀看次數

Apple emergency updates fix recent zero-days on older iPhones

Apple has issued emergency security updates to backport patches for two actively exploited zero-day flaws to older iPhones and some Apple Watch and Apple TV models. [...]

Bleepingcomputer 2023年12月12日 323 觀看次數

Google Play Movies gets a new shutdown date: January 17

Purchased content will be scattered across a confusing array of apps and OSes.

Ars Technica 2023年12月12日 263 觀看次數

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries the maximum severity rating, despite patches being available for more than two years. [...

Bleepingcomputer 2023年12月10日 194 觀看次數

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices.

The Hacker News 2023年12月08日 316 觀看次數

WordPress fixes POP chain exposing websites to RCE attacks

WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.

Bleeping Computer 2023年12月08日 230 觀看次數

Apple 'Lockdown Mode' Bypass Subverts Key iPhone Security Feature

Even the most severe security protections for mobile phones aren't all-encompassing or foolproof, as a tactic involving a spoof of lockdown mode shows.

Dark Reading 2023年12月06日 271 觀看次數

Microsoft will offer extended support options for Windows 10 PCs, for a price

When the end-of-support deadline rolls around in October 2025, you'll need to pay to keep receiving security updates for your Windows 10 PC. But Microsoft won't say how much those updates will cost.

ZDnet 2023年12月06日 211 觀看次數