相關新聞 | HKCERT

Ivanti discloses new critical auth bypass bug in MobileIron Core

IT software company Ivanti disclosed today a new critical security vulnerability in its MobileIron Core mobile device management software.

Bleepingcomputer 2023年08月03日 247 觀看次數

Russian hackers target govt orgs in Microsoft Teams phishing attacks

Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations worldwide, including government agencies, in Microsoft Teams phishing attacks.

Bleepingcomputer 2023年08月03日 349 觀看次數

Canon Inkjet Printers at Risk for Third-Party Compromise via Wi-Fi

Nearly 200 models are affected by vulnerability that may give wireless access to unauthorized third parties.

Dark Reading 2023年08月02日 227 觀看次數

Threat actors abuse Google AMP for evasive phishing attacks

Security researchers are warning of increased phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures and get to inboxes of enterprise employees. [...]

Bleepingcomputer 2023年08月02日 332 觀看次數

Google: Android patch gap makes n-days as dangerous as zero-days

Google has published its annual -day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. [...]

Bleepingcomputer 2023年07月30日 496 觀看次數

Israel's largest oil refinery website offline after DDoS attack

Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems. [...]

Bleepingcomputer 2023年07月30日 338 觀看次數

Linux version of Abyss Locker ransomware targets VMware ESXi servers

The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise. [...]

Bleepingcomputer 2023年07月29日 471 觀看次數

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners.

The Hacker News 2023年07月28日 251 觀看次數

New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future ransomware...

The Hacker News 2023年07月28日 246 觀看次數

Zimbra patches zero-day vulnerability exploited in XSS attacks

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers.

Bleeping Computer 2023年07月28日 235 觀看次數