相關新聞 | HKCERT

Thousands of GitHub repositories deliver fake PoC exploits with malware

Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware.

Bleepingcomputer 2022年10月24日 243 觀看次數

Health system data breach due to Meta Pixel hits 3 million patients

Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients.

Bleepingcomputer 2022年10月21日 266 觀看次數

These 16 Clicker Malware Infected Android Apps Were Downloaded Over 20 Million Times

As many as 16 malicious apps with over 20 million cumulative downloads have been taken down from the Google Play Store after they were caught committing mobile ad fraud.

Bleepingcomputer 2022年10月21日 264 觀看次數

Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update

Details have emerged about a previously undocumented and fully undetectable (FUD) PowerShell backdoor that gains its stealth by disguising itself as part of a Windows update process.

Thehackernews 2022年10月20日 273 觀看次數

Microsoft data breach exposes customers’ contact info, emails

Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.

Bleepingcomputer 2022年10月20日 607 觀看次數

Hackers compromised Hong Kong govt agency network for a year

Researchers at Symantec have uncovered cyberattacks attributed to the China-linked espionage actor APT41 (a.k.a. Winnti) that breached government agencies in Hong Kong and remained undetected for a year in some cases.

Bleepingcomputer 2022年10月19日 338 觀看次數

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages

New research has disclosed what's being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. [...]

Thehackernews 2022年10月18日 290 觀看次數

Windows Mark of the Web bypass zero-day gets unofficial patch

A free unofficial patch has been released through the 0patch platform to address an actively exploited zero-day flaw in the Windows Mark of the Web (MotW) security mechanism. [...]

Bleepingcomputer 2022年10月18日 270 觀看次數

New PHP information-stealing malware targets Facebook accounts

Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...]

Bleepingcomputer 2022年10月16日 254 觀看次數

Over 45,000 VMware ESXi servers just reached end-of-life

Over 45,000 VMware ESXi servers inventoried by Lansweeper just reached end-of-life (EOL), with VMware no longer providing software and security updates unless companies purchase an extended support contract. [...]

Bleepingcomputer 2022年10月16日 244 觀看次數