相關新聞
Report: Fileless Attacks Increase by 1,400%
Protecting runtime environments requires at least a monitoring approach that includes scanning for known malicious files and network communications, then blocking them and alerting when they appear. However, this is still insufficient.
Cyware News
2023年07月04日 260 觀看次數
Free Akira ransomware decryptor helps recover your files
Cybersecurity firm Avast has released a free decryptor for the Akira ransomware. Akira first appeared in March 2023 and made a name for itself by quickly amassing victims as it targeted organizations worldwide in a broad range of sectors.
Cyware News
2023年07月01日 236 觀看次數
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts
As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin. The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate...
The Hacker News
2023年07月01日 258 觀看次數
More than 16 million people and counting have had data exposed in MOVEit breaches
Since June 1, experts have warned of the vulnerability affecting the popular file transfer software, and dozens of the biggest organizations in the U.S. and Europe have since come forward to reveal that they were affected by the situation.
Cyware News
2023年07月01日 306 觀看次數
MITRE releases new list of top 25 most dangerous software bugs
MITRE shared today this year's list of the top 25 most dangerous weaknesses plaguing software during the previous two years. [...]
Bleepingcomputer
2023年06月30日 301 觀看次數
Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel
Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.
Dark Reading
2023年06月30日 275 觀看次數
NPM Plagued With 'Manifest Confusion' Malware-Hiding Weakness
The popular package manager for software developers has been vulnerable to this attack vector for a while, and negligent in fixing the problem, according to a former employee.
Dark Reading
2023年06月29日 270 觀看次數
Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse
Failure to match metadata with packaged files is perfect for supply chain attacks
The npm Public Registry, a database of JavaScript packages, fails to compare npm package manifest data with the archive of files that data describes, creating an opportunity for the installation and execution of...
The Register
2023年06月28日 266 觀看次數
Anatsa Android trojan now steals banking info from users in US, UK
A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland.
Bleeping Computer
2023年06月27日 226 觀看次數
Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy.
The Hacker News
2023年06月27日 253 觀看次數