相關新聞 | HKCERT

Apple releases emergency update to fix zero-day exploited in attacks

Apple has issued a new round of Rapid Security Response (RSR) updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads. [...]

Bleepingcomputer 2023年07月11日 480 觀看次數

Microsoft: Windows 11 21H2 reaching end of service in October

Microsoft warned customers today that multiple editions of Windows 11, version 21H2, will reach the end-of-service (EOS) in three months, on October 10, 2023. [...]

Bleepingcomputer 2023年07月11日 387 觀看次數

VMware warns of exploit available for critical vRealize RCE bug

VMware warned customers today that exploit code is now available for a critical vulnerability in the VMware Aria Operations for Logs analysis tool, which helps admins manage terabytes worth of app and infrastructure logs in large-scale environments. [...]

Bleepingcomputer 2023年07月11日 253 觀看次數

MOVEit Transfer customers warned to patch new critical flaw

MOVEit Transfer, the software at the center of the recent massive spree of Clop ransomware breaches, has received an update that fixes a critical-severity SQL injection bug and two other less severe vulnerabilities.

Bleeping Computer 2023年07月10日 242 觀看次數

New ‘Big Head’ ransomware displays fake Windows update alert

Security researchers have dissected a recently emerged ransomware strain named ‘Big Head’ that may be spreading through malvertising that promotes fake Windows updates and Microsoft Word installers.

Bleeping Computer 2023年07月10日 278 觀看次數

StackRot Linux Kernel Bug Has Exploit Code on the Way

Linus Torvalds led a Linux kernel team in developing a set of patches for the privilege escalation flaw.

Dark Reading 2023年07月07日 329 觀看次數

Cisco warns of bug that lets attackers break traffic encryption

Tracked as CVE-2023-20185, the flaw was found during internal security testing in the ACI Multi-Site CloudSec encryption feature of data center Cisco Nexus 9000 Series Fabric Switches.

Cyware News 2023年07月06日 271 觀看次數

New tool exploits Microsoft Teams bug to send malware to users

A member of U.S. Navy's red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. [...

Bleepingcomputer 2023年07月05日 267 觀看次數

Mexico-Based Hacker Targets Global Banks With Android Malware

Packet Storm 2023年07月04日 302 觀看次數

New Python Tool Checks NPM Packages for Manifest Confusion Issues

A malicious actor could manipulate the manifest data of a new package, and potentially expose developers to risks such as cache poisoning, installation of unknown dependencies, execution of unknown scripts, and possibly even downgrade attacks.

Cyware News 2023年07月04日 283 觀看次數