相關新聞 | HKCERT

Microsoft OneNote will block 120 dangerous file extensions

Microsoft has shared more information on what types of malicious embedded files OneNote will soon block to defend users against ongoing phishing attacks pushing malware. [...]

Bleepingcomputer 2023年03月31日 263 觀看次數

Winter Vivern hackers exploit Zimbra flaw to steal NATO emails

A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails of NATO officials, governments, military personnel, and diplomats. [...]

Bleepingcomputer 2023年03月31日 241 觀看次數

QNAP warns customers to patch Linux Sudo flaw in NAS devices

Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage (NAS) devices against a high-severity Sudo privilege escalation vulnerability. [...]

Bleepingcomputer 2023年03月30日 270 觀看次數

MacStealer Malware Plucks Bushels of Data From Apple Users

A novel cyber threat against macOS users is being sold for $100 a pop on the Dark Web, and activity is ramping up.

Dark Reading 2023年03月29日 273 觀看次數

Microsoft Defender mistakenly tagging URLs as malicious

Microsoft Defender is mistakenly flagging legitimate links as malicious, with some customers having already received dozens of alert emails since the issues began over five hours ago. [...]

Bleepingcomputer 2023年03月29日 262 觀看次數

Trojanized Tor browsers target Russians with crypto-stealing malware

A surge of trojanized Tor Browser installers targets Russians and Eastern Europeans with clipboard-hijacking malware that steals infected users' cryptocurrency transactions. [...]

Bleepingcomputer 2023年03月29日 229 觀看次數

WiFi protocol flaw allows attackers to hijack network traffic

Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 WiFi protocol standard, allowing attackers to trick access points into leaking network frames in plaintext form. [...]

Bleepingcomputer 2023年03月29日 250 觀看次數

Apple fixes recently disclosed WebKit zero-day on older iPhones

Apple has released security updates to backport patches released last month, addressing an actively exploited zero-day bug for older iPhones and iPads. [...]

Bleepingcomputer 2023年03月28日 234 觀看次數

Exchange Online to block emails from vulnerable on-prem servers

Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent from "persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them. [...]

Bleepingcomputer 2023年03月28日 377 觀看次數

Lawyers cough up $200k after health data stolen in Microsoft Exchange pillaging

In addition to $100k given to LockBit New York law firm Heidell, Pittoni, Murphy and Bach (HPMB) has agreed to pay $200,000 to settle a data-breach lawsuit related to the now-notorious Hafnium Microsoft Exchange attacks that siphoned...

The Register 2023年03月28日 253 觀看次數