相關新聞 | HKCERT

FBI seizes 13 more domains linked to DDoS-for-hire services

The U.S. Justice Department announced today the seizure of 13 more domains linked to DDoS-for-hire platforms, also known as 'booter' or 'stressor' services. [...]

Bleepingcomputer 2023年05月09日 239 觀看次數

Twitter admits 'security incident' made private Circles not so much

Perhaps one of the thousands of people laid off from the biz could have fixed it, just a thought Twitter has finally admitted a "security incident" caused some users' semi-private Twitter Circle tweets to show up on others' timelines.…

The Register 2023年05月09日 230 觀看次數

Western Digital: Customer info stolen in that IT attack

Hard times for buyers of these hard drives Customer information was stolen from the IT systems of Western Digital in that March IT security breach, forcing the storage manufacturer to shut down its online store until at least next week.…

The Register 2023年05月09日 244 觀看次數

New Cactus ransomware encrypts itself to evade antivirus

A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of "large commercial entities." [...]

Bleepingcomputer 2023年05月08日 244 觀看次數

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting...

The Hacker News 2023年05月06日 220 觀看次數

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (...

The Hacker News 2023年05月06日 238 觀看次數

Cisco phone adapters vulnerable to RCE attacks, no fix available

Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices. [...]

Bleepingcomputer 2023年05月05日 363 觀看次數

Gmail gets blue verification checks to protect against spoofing and phishing

Google will give blue checkmarks to some verified senders to ensure trust and confidence with Gmail users.

ZDnet 2023年05月05日 231 觀看次數

Kimsuky hackers use new recon tool to find security gaps

The North Korean Kimsuky hacking group has been observed employing a new version of its reconnaissance malware, now called 'ReconShark,' in a cyberespionage campaign with a global reach. [...]

Bleepingcomputer 2023年05月05日 227 觀看次數

Facebook disrupts new NodeStealer information-stealing malware

Facebook discovered a new information-stealing malware distributed on Meta called 'NodeStealer,' allowing threat actors to steal browser cookies to hijack accounts on the platform, as well as Gmail and Outlook accounts.

Bleepingcomputer 2023年05月04日 238 觀看次數