相關新聞 | HKCERT

MOVEit Hackers Pivot to SysAid Zero-Day in Ransomware Attacks

The Clop ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug.

Dark Reading 2023年11月10日 269 觀看次數

Treasury Markets Disrupted by ICBC Ransomware Attack

The US Treasury states that it is in contact with financial regulators as it monitors the breach.

Dark Reading 2023年11月10日 209 觀看次數

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems.

The Hacker News 2023年11月09日 285 觀看次數

October 2023’s Most Wanted Malware: NJRat Jumps to Second Place while AgentTesla Spreads through new File Sharing Mal-Spam Campaign

Check Point Research reported that NJRat climbed four places into second spot last month. Meanwhile a new mal-spam campaign was discovered involving AgentTesla, the sixth most used malware, being delivered via corrupted file attachments

Check Point 2023年11月09日 238 觀看次數

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges.

The Hacker News 2023年11月09日 211 觀看次數

Fake Ledger Live app in Microsoft Store steals $768,000 in crypto

Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets. [...]

Bleepingcomputer 2023年11月08日 163 觀看次數

Marina Bay Sands Becomes Latest Hospitality Cyber Victim

Marina Bay Sands, a luxury hotel and casino in Singapore known for its unique architecture, has disclosed a data breach impacting the personal data of 665,000 non-casino loyalty-program members. [...]

Dark Reading 2023年11月08日 187 觀看次數

Royal Mail jeopardizes users with open redirect flaw

The British postal service and courier company has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. [...]

cybernews 2023年11月08日 213 觀看次數

Novel Google Cloud RAT Uses Calendar Events for C2

Cybercriminals are abusing legitimate functions within cloud services, and providers can't totally stop them, especially when it comes to innovative approaches like this.

Dark Reading 2023年11月07日 145 觀看次數

Veeam warns of critical bugs in Veeam ONE monitoring platform

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. [...]

Bleepingcomputer 2023年11月07日 147 觀看次數