相關新聞 | HKCERT

Hackers target Check Point VPNs to breach enterprise networks

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory. [...]

Bleepingcomputer 2024年05月28日 158 觀看次數

TP-Link fixes critical RCE bug in popular C5400X gaming router

The TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on the device. [...]

Bleepingcomputer 2024年05月28日 113 觀看次數

Sav-Rx discloses data breach impacting 2.8 million Americans

Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack. [...]

Bleepingcomputer 2024年05月27日 102 觀看次數

Arc browser’s Windows launch targeted by Google ads malvertising

A new Google Ads malvertising campaign, coinciding with the launch of the Arc web browser for Windows, was tricking people into downloading trojanized installers that infect them with malware payloads. [...]

Bleepingcomputer 2024年05月25日 131 觀看次數

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, ...

The Hacker News 2024年05月24日 208 觀看次數

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed. [...]

The Hacker News 2024年05月24日 189 觀看次數

GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack

Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what's called a Bring Your Own Vulnerable Driver (BYOVD) attack.

The Hacker News 2024年05月23日 270 觀看次數

Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms

An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.

Dark Reading 2024年05月21日 237 觀看次數

QNAP QTS zero-day in Share feature gets public RCE exploit

An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. [...]

Bleepingcomputer 2024年05月20日 154 觀看次數

Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising

A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP. [...]

Bleepingcomputer 2024年05月19日 192 觀看次數