相關新聞
VMware fixes critical zero-day exploit chain used at Pwn2Own
VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched versions of the company's Workstation and Fusion software hypervisors. [...]
Bleepingcomputer
2023年04月26日 442 觀看次數
Google Authenticator will now sync your 2FA codes to use on different devices
The cloud-based syncing means you can access the two-factor authenticator codes from any device.
ZDnet
2023年04月25日 876 觀看次數
Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information. [...]
Bleepingcomputer
2023年04月24日 275 觀看次數
EvilExtractor malware activity spikes in Europe and the U.S.
Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in Europe and the U.S. [...]
Bleepingcomputer
2023年04月22日 270 觀看次數
Google ads push BumbleBee malware used by ransomware gangs
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. [...]
Bleepingcomputer
2023年04月22日 339 觀看次數
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come...
The Hacker News
2023年04月22日 281 觀看次數
Attackers use abandoned WordPress plugin to backdoor websites
Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors.
Bleepingcomputer
2023年04月21日 257 觀看次數
Microsoft Defender update causes Windows Hardware Stack Protection mess
In a confusing mess, a recent Microsoft Defender update rolled out a new security feature called 'Kernel-mode Hardware-enforced Stack Protection,' while removing the LSA protection feature. Unfortunately, Microsoft has not provided any documentation on this change, leading to more questions...
Bleepingcomputer
2023年04月20日 270 觀看次數
Hackers actively exploit critical RCE bug in PaperCut servers
Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers. [...]
Bleepingcomputer
2023年04月19日 243 觀看次數
US, UK warn of govt hackers using custom malware on Cisco routers
The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, allowing unauthenticated access to the device. [...]
Bleepingcomputer
2023年04月19日 248 觀看次數