相關新聞 | HKCERT

Exim patches three of six zero-day bugs disclosed last week

Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution. [...]

Bleepingcomputer 2023年10月03日 308 觀看次數

Exploit available for critical WS_FTP bug exploited in attacks

Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity remote code execution vulnerability in Progress Software's WS_FTP Server file sharing platform. [...]

Bleepingcomputer 2023年10月03日 221 觀看次數

New BunnyLoader threat emerges as a feature-rich malware-as-a-service

Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [...]

Bleepingcomputer 2023年10月03日 229 觀看次數

10 new vulnerabilities disclosed by Talos, including use-after-free issue in Google Chrome

Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser.

Talos Intelligence 2023年09月29日 218 觀看次數

Backdoored firmware lets China state hackers control routers with “magic packets”

Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday.

Ars Technica 2023年09月29日 176 觀看次數

Budworm hackers target telcos and govt orgs with custom malware

A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor.

Bleeping Computer 2023年09月29日 191 觀看次數

Building automation giant Johnson Controls hit by ransomware attack

Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company’s and its subsidiaries’ operations.

Bleeping Computer 2023年09月29日 174 觀看次數

China APT Cracks Cisco Firmware in Attacks Against the US and Japan

An old Chinese state-linked threat actor has been quietly manipulating Cisco routers to breach multinational organizations in the US and Japan.

Dark Reading 2023年09月29日 204 觀看次數

China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries.

The Hacker News 2023年09月29日 197 觀看次數

Cisco urges admins to fix IOS software zero-day exploited in attacks

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild.

Bleeping Computer 2023年09月29日 173 觀看次數