相關新聞 | HKCERT

Attackers bypass Coinbase and MetaMask 2FA via TeamViewer, fake support chat

A crypto-stealing phishing campaign is underway to bypass multi-factor authentication and gain access to accounts on Coinbase, MetaMask, Crypto.com, and KuCoin and steal cryptocurrency.

Bleepingcomputer 2022年11月22日 292 觀看次數

Google Chrome extension used to steal cryptocurrency, passwords

An information-stealing Google Chrome browser extension named 'VenomSoftX' is being deployed by Windows malware to steal cryptocurrency and clipboard contents as users browse the web.

Bleepingcomputer 2022年11月22日 275 觀看次數

New attacks use Windows security bypass zero-day to drop malware

New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings. [...]

Bleepingcomputer 2022年11月20日 237 觀看次數

New ransomware encrypts files, then steals your Discord account

The new 'AXLocker' ransomware family is not only encrypting victims' files and demanding a ransom payment but also stealing the Discord accounts of infected users. [...]

Bleepingcomputer 2022年11月20日 261 觀看次數

F5 fixes two remote code execution flaws in BIG-IP, BIG-IQ

F5 has released hotfixes for its BIG-IP and BIG-IQ products, addressing two high-severity flaws allowing attackers to perform unauthenticated remote code execution (RCE) on vulnerable endpoints. [...]

Bleepingcomputer 2022年11月18日 305 觀看次數

FBI: Hive ransomware extorted $100M from over 1,300 victims

The Federal Bureau of Investigation (FBI) said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021. [...]

Bleepingcomputer 2022年11月18日 357 觀看次數

Microsoft fixes Windows Kerberos auth issues in emergency updates

Microsoft has released optional out-of-band (OOB) updates to fix a known issue triggering Kerberos sign-in failures and other authentication problems on enterprise Windows domain controllers after installing cumulative updates released during November's Patch Tuesday. [.....

Bleepingcomputer 2022年11月18日 342 觀看次數

Researchers Discover Hundreds of Amazon RDS Instances Leaking Users' Personal Data

Hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personal identifiable information (PII), new findings from Mitiga, a cloud incident response company, show.[...]

The Hacker News 2022年11月17日 305 觀看次數

Twitter source code indicates end-to-end encrypted DMs are coming

Twitter is reportedly working on finally adding end-to-end encryption (E2EE) for direct messages (DMs) exchanged between users on the social media platform. [...]

Bleepingcomputer 2022年11月17日 338 觀看次數

Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers

Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service (DDoS) attacks against game servers.[...]

The Hacker News 2022年11月17日 351 觀看次數