相關新聞
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. [...]
Bleepingcomputer
2025年01月17日 92 觀看次數
Attackers Hijack Google Advertiser Accounts to Spread Malware
It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.
Dark Reading
2025年01月16日 140 觀看次數
MFA Failures - The Worst is Yet to Come
This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come...
Bleepingcomputer
2025年01月16日 90 觀看次數
Miscreants 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used
Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg
Updated Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according to...
The Register
2025年01月15日 66 觀看次數
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage's built-in phishing protection for a text and trick users into re-enabling disabled phishing links. [...]
Bleepingcomputer
2025年01月13日 102 觀看次數
Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs
The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product.
Dark Reading
2025年01月10日 109 觀看次數
Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed
Here's what $20 gets you these days
More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who...
The Register
2025年01月09日 63 觀看次數
Green Bay Packers' Online Pro Shop Sacked by Payment Skimmer
Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit-card data from 8,500 fans.
Dark Reading
2025年01月09日 71 觀看次數
CISA warns of critical Oracle, Mitel flaws exploited in attacks
CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. [...]
Bleepingcomputer
2025年01月08日 125 觀看次數
MediaTek rings in the new year with a parade of chipset vulns
Manufacturers should have had ample time to apply the fixes
MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code execution bug affecting 51 chipsets.…
The Register
2025年01月06日 82 觀看次數
