相關新聞 | HKCERT

Almost 900 servers hacked using Zimbra zero-day flaw

Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months. [...]

Bleepingcomputer 2022年10月15日 228 觀看次數

Feature-Rich 'Alchimist' Cyberattack Framework Targets Windows, Mac, Linux Environments

The comprehensive, multiplatform framework comes loaded with weapons, and it is likely another effort by a China-based threat group to develop an alternative to Cobalt Strike and Sliver.

Dark Reading 2022年10月14日 276 觀看次數

Unofficial WhatsApp Android app caught stealing users’ accounts

A new version of an unofficial WhatsApp Android application named 'YoWhatsApp' has been found stealing access keys for users' accounts.

Bleeping Computer 2022年10月13日 286 觀看次數

All Windows versions can now block admin brute-force attacks

Microsoft announced today that IT admins can now configure any Windows system still receiving security updates to automatically block brute force attacks targeting local administrator accounts via a group policy. [...]

Bleepingcomputer 2022年10月12日 280 觀看次數

Android leaks some traffic even when 'Always-on VPN' is enabled

Mullvad VPN has discovered that Android leaks traffic every time the device connects to a WiFi network, even if the "Block connections without VPN," or "Always-on VPN," features is enabled. [...]

Bleepingcomputer 2022年10月12日 284 觀看次數

The 2020-2022 ATM/PoS malware landscape

Attacks using ATM or PoS malware are on the rise again in 2022 after the COVID-19 lockdowns. The post The 2020-2022 ATM/PoS malware landscape appeared first on TechRepublic.

TechRepublic 2022年10月12日 233 觀看次數

Fortinet warns admins to patch critical auth bypass bug immediately

Fortinet has warned administrators to update FortiGate firewalls and FortiProxy web proxies to the latest versions, which address a critical severity vulnerability.

Bleeping Computer 2022年10月10日 284 觀看次數

Hackers exploiting unpatched RCE bug in Zimbra Collaboration Suite

Hackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS), a widely deployed web client and email server.

Bleeping Computer 2022年10月10日 319 觀看次數

Linux kernel 5.19.12 code could cause permanent damage to some laptop displays

For desktop Linux users, updating to a new Linux kernel typically carries relatively small, contained risks: wonky drivers, GRUB pain, maybe a full wipe and reinstall. For one subset of laptop owners on rolling release distributions, however, kernel version 5.19...

arstechnica 2022年10月07日 278 觀看次數

Meta sues app dev for stealing over 1 million WhatsApp accounts

Meta has sued several Chinese companies doing business as HeyMods, Highlight Mobi, and HeyWhatsApp for developing and allegedly using "unofficial" WhatsApp Android apps to steal over one million WhatsApp accounts starting May 2022.

Bleepingcomputer 2022年10月07日 300 觀看次數