相關新聞 | HKCERT

Hackers stealing GitHub accounts using fake CircleCI notifications

GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform.

BleepingComputer 2022年09月23日 265 觀看次數

Microsoft Exchange servers hacked via OAuth apps for phishing

Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending phishing emails.

BleepingComputer 2022年09月23日 280 觀看次數

Deepfake audio has a tell and researchers can spot it

Imagine the following scenario. A phone rings. An office worker answers it and hears his boss, in a panic, tell him that she forgot to transfer money to the new contractor before she left for the day and needs him to do it. She gives...

arstechnica 2022年09月21日 388 觀看次數

American Airlines discloses data breach after employee email compromise

American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. [...]

Bleepingcomputer 2022年09月20日 260 觀看次數

Rockstar Games Confirms 'Grand Theft Auto 6' Breach

The Take-Two Interactive subsidiary acknowledges an attack on its systems, where an attacker downloaded "early development footage for the next Grand Theft Auto" and other assets.

Dark Reading 2022年09月20日 316 觀看次數

Uber explains how it was pwned this month, points finger at Lapsus$ gang

From annoying MFA alerts to 'several internal systems' infiltrated Uber, four days after suffering a substantial cybersecurity breach, has admitted its attacker accessed "several internal systems" including the corporation's G Suite account, and downloaded internal Slack messages and a tool...

The Register 2022年09月20日 296 觀看次數

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware.

The Hacker News 2022年09月19日 312 觀看次數

Researchers Warn of Self-Spreading Malware Targeting Gamers via YouTube

Gamers looking for cheats on YouTube are being targeted with links to malicious password-protected archive files designed to install the RedLine Stealer malware and crypto miners on compromised machines. [...]

Thehackernews 2022年09月16日 353 觀看次數

FBI: Hackers steal millions from healthcare payment processors

The Federal Bureau of Investigation (FBI) has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker. [...]

Bleepingcomputer 2022年09月15日 262 觀看次數

New Lenovo BIOS updates fix security bugs in hundreds of models

Chinese computer manufacturer Lenovo has issued a security advisory to warn its clients about several high-severity vulnerabilities impacting a wide range of products in the Desktop, All in One, Notebook, ThinkPad, ThinkServer, and ThinkStation lines. [...]

Bleepingcomputer 2022年09月15日 255 觀看次數