相關新聞 | HKCERT

LockBit ransomware gang gets aggressive with triple-extortion tactic

LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level. [...]

Bleepingcomputer 2022年08月29日 285 觀看次數

Fake 'Cthulhu World' P2E project used to push info-stealing malware

Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting victims....

Bleepingcomputer 2022年08月27日 241 觀看次數

Hackers abuse Genshin Impact anti-cheat system to disable antivirus

Hackers are abusing an anti-cheat system driver for the immensely popular Genshin Impact game to disable antivirus software while conducting ransomware attacks.

Bleepingcomputer 2022年08月26日 470 觀看次數

Hackers adopt Sliver toolkit as a Cobalt Strike alternative

Threat actors are dumping the Cobalt Strike penetration testing suite in favor of similar frameworks that are less known. After Brute Ratel, the open-source, cross-platform kit called Sliver is becoming an attractive alternative.

Bleepingcomputer 2022年08月26日 826 觀看次數

Phishing attacks abusing SaaS platforms see a massive 1,100% growth

Threat actors are increasingly abusing legitimate software-as-a-service (SaaS) platforms like website builders and personal branding spaces to create malicious phishing websites that steal login credentials. [...]

Bleepingcomputer 2022年08月24日 294 觀看次數

Fake DDoS Protection Alerts Distribute Dangerous RAT

Threat actors are spoofing Cloudflare DDoS bot-checks in an attempt to drop a remote-access Trojan (RAT) on systems belonging to visitors to some previously compromised WordPress websites. [...]

darkreading 2022年08月23日 398 觀看次數

Over 80,000 exploitable Hikvision cameras exposed online

Security researchers have discovered over 80,000 Hikvision cameras vulnerable to a critical command injection flaw that's easily exploitable via specially crafted messages sent to the vulnerable web server. [...]

Bleepingcomputer 2022年08月23日 586 觀看次數

An encrypted ZIP file can have two correct passwords — here's why

Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two...

Bleepingcomputer 2022年08月22日 292 觀看次數

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug

Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers. [...]

Bleepingcomputer 2022年08月21日 345 觀看次數

Hackers target hotel and travel companies with fake reservations

A hacker tracked as TA558 has upped their activity this year, running phishing campaigns that target multiple hotels and firms in the hospitality and travel space. [...]

Bleepingcomputer 2022年08月21日 259 觀看次數