相關新聞 | HKCERT

Threat actors use beta apps to bypass mobile app store security

The FBI is warning of a new tactic used by cybercriminals where they promote malicious "beta" versions of cryptocurrency investment apps on popular mobile app stores that are then used to steal crypto. [...]

Bleepingcomputer 2023年08月15日 215 觀看次數

Sites scramble to block ChatGPT web crawler after instructions emerge

Without announcement, OpenAI recently added details about its web crawler, GPTBot, to its online documentation site. GPTBot is the name of the user agent that the company uses to retrieve webpages to train the AI models behind ChatGPT, such as GPT-4. Earlier...

Ars Technica 2023年08月12日 225 觀看次數

EvilProxy Cyberattack Flood Targets Execs via Microsoft 365

A campaign sent 120,000 phishing emails in three months, circumventing MFA to compromise cloud accounts of high-level executives at global organizations

Dark Reading 2023年08月11日 295 觀看次數

Gafgyt malware exploits five-years-old flaw in EoL Zyxel router

Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks. [...]

Bleepingcomputer 2023年08月11日 238 觀看次數

Rhysida Ransomware Trains Its Sights on Healthcare Operations

The new group has already made an impact in multiple countries and industries, including a multistate hospital chain in the US.

Dark Reading 2023年08月11日 386 觀看次數

EvilProxy phishing campaign targets 120,000 Microsoft 365 users

EvilProxy is becoming one of the more popular phishing platforms to target MFA-protected accounts, with researchers seeing 120,000 phishing emails sent to over a hundred organizations to steal Microsoft 365 accounts.

Bleeping Computer 2023年08月10日 261 觀看次數

Hackers use open source Merlin post-exploitation toolkit in attacks

Ukraine is warning of a wave of attacks targeting state organizations using 'Merlin,' an open-source post-exploitation and command and control framework.

Bleeping Computer 2023年08月10日 247 觀看次數

New BitForge cryptocurrency wallet flaws lets hackers steal crypto

Multiple zero-day vulnerabilities named 'BitForge' in the implementation of widely used cryptographic protocols like GG-18, GG-20, and Lindell 17 affected popular cryptocurrency wallet providers, including Coinbase, ZenGo, Binance, and many more.

Bleeping Computer 2023年08月10日 242 觀看次數

QakBot Malware Operators Expand C2 Network with 15 New Servers

The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023.

The Hacker News 2023年08月10日 262 觀看次數

Author discovers AI-generated counterfeit books written in her name on Amazon

Amazon resisted a removal request, citing lack of "trademark registration numbers."

Ars Technica 2023年08月09日 233 觀看次數