相關新聞 | HKCERT

China-linked cyberspies backdoor semiconductor firms with Cobalt Strike

Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons.

Bleeping Computer 2023年10月06日 229 觀看次數

Critical Zero-Day Bug in Atlassian Confluence Under Active Exploit

A critical privilege-escalation vulnerability in Atlassian Confluence Server and Confluence Data Center has been disclosed, with evidence of exploitation in the wild as a zero-day bug.

Dark Reading 2023年10月06日 304 觀看次數

GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries

A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims' funds and backdoor infected devices.

The Hacker News 2023年10月06日 260 觀看次數

Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack

A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana.

The Hacker News 2023年10月06日 265 觀看次數

Qakbot Attackers Remain Alive and Quacking, Researchers Find

All are names of Windows shortcut files being distributed in Zip archives attached to phishing email messages recently sent by attackers tied to the Qakbot operation, reported threat intelligence researchers at Cisco Talos.

Dark Reading 2023年10月06日 222 觀看次數

Atlassian patches critical Confluence zero-day exploited in attacks

Australian software company Atlassian released emergency security updates to fix a maximum severity zero-day vulnerability in its Confluence Data Center and Server software, which has been exploited in attacks. [...]

Bleepingcomputer 2023年10月05日 243 觀看次數

Cisco fixes hard-coded root credentials in Emergency Responder

Cisco released security updates to fix a Cisco Emergency Responder (CER) vulnerability that let attackers log into unpatched systems using hard-coded credentials. [...]

Bleepingcomputer 2023年10月05日 232 觀看次數

Android October security update fixes zero-days exploited in attacks

Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited. [...]

Bleepingcomputer 2023年10月04日 351 觀看次數

Google to bolster phishing and malware delivery defenses in 2024

Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails and adhere to stricter spam thresholds [...]

Bleepingcomputer 2023年10月04日 236 觀看次數

ShellTorch flaws expose AI servers to code execution attacks

A set of critical vulnerabilities dubbed 'ShellTorch' in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed servers, some of which belong to large organizations. [...]

Bleepingcomputer 2023年10月04日 287 觀看次數