相關新聞 | HKCERT

Android SpyNote Attacks Electric and Water Public Utility Users in Japan

A smishing campaign is targeting Japanese Android users by posing as a power and water infrastructure company and luring victims to a phishing website to download the SpyNote malware.

Cyware News 2023年07月21日 145 觀看次數

Adobe emergency patch fixes new ColdFusion zero-day used in attacks

Adobe released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploited in attacks. [...]

Bleepingcomputer 2023年07月20日 255 觀看次數

Microsoft Relents, Offers Free Critical Logging to All 365 Customers

Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data.

Dark Reading 2023年07月20日 231 觀看次數

Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware

Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation. [...]

Bleepingcomputer 2023年07月19日 242 觀看次數

Hackers exploiting critical WordPress WooCommerce Payments bug

Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation. [...]

Bleepingcomputer 2023年07月18日 220 觀看次數

How AI-Augmented Threat Intelligence Solves Security Shortfalls

Researchers explore how overburdened cyber analysts can improve their threat intelligence jobs by using ChatGPT-like large language models (LLMs).

Dark Reading 2023年07月18日 246 觀看次數

Quick: Manually patch this Zimbra bug that's under attack

Smells like Russian cyber spies (again) A vulnerability in Zimbra's software is being exploited right now by miscreants to compromise systems and attack selected government organizations, experts reckon.…

The Register 2023年07月18日 212 觀看次數

Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies

Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability.

Dark Reading 2023年07月13日 277 觀看次數

Critical RCE found in popular Ghostscript open-source PDF library

Ghostscript, an open-source interpreter for PostScript language and PDF files widely used in Linux, has been found vulnerable to a critical-severity remote code execution flaw. [...]

Bleepingcomputer 2023年07月13日 270 觀看次數

Cisco Talos Reports Microsoft Windows Policy Loophole Being Exploited by Threat Actor

Learn how a malicious driver exploits a loophole in the Windows operating system to run at kernel level.

TechRepublic 2023年07月12日 251 觀看次數