相關新聞 | HKCERT

New Android Dropper-as-a-Service Called SecuriDropper Bypasses Google's Defenses

Dropper malware allows cybercriminals to install payloads on compromised devices. SecuriDropper disguises itself as harmless apps and uses a different Android API to install the payload, mimicking the process used by app marketplaces.

Cyware News 2023年11月06日 248 觀看次數

Atlassian warns of exploit for Confluence data wiping bug, get patching

Atlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances. [...]

Bleepingcomputer 2023年11月03日 237 觀看次數

Teen boys use AI to make fake nudes of classmates, sparking police probe

Parents told the high school "believed" the deepfake nudes were deleted.

Ars Technica 2023年11月03日 248 觀看次數

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability.

Bleeping Computer 2023年11月02日 435 觀看次數

Hackers exploit recent F5 BIG-IP flaws in stealthy attacks

F5 is warning BIG-IP admins that devices are being breached by "skilled" hackers exploiting two recently disclosed vulnerabilities to erase signs of their access and achieve stealthy code execution.

Bleeping Computer 2023年11月02日 270 觀看次數

Hackers use Citrix Bleed flaw in attacks on govt networks worldwide

Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region.

Bleeping Computer 2023年11月02日 270 觀看次數

Mozi botnet murder mystery: China or criminal operators behind the kill switch?

Middle Kingdom or self-immolation - there are a couple of theories The Mozi botnet has all but disappeared according to security folks who first noticed the prolific network's slowdown and then uncovered a kill switch for the IoT system. But they still have one...

The Register 2023年11月02日 258 觀看次數

Atlassian warns of critical Confluence flaw leading to data loss

Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation.

Bleeping Computer 2023年11月01日 307 觀看次數

Flipper Zero Bluetooth spam attacks ported to new Android app

Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts.

Bleeping Computer 2023年11月01日 275 觀看次數

HackerOne paid ethical hackers over $300 million in bug bounties

HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception. [...]

Bleepingcomputer 2023年10月28日 252 觀看次數