相關新聞 | HKCERT

Confluence Code Exec Flaw Being Used By Crypto Miners

Packet Storm 2021年09月23日 14 觀看次數

High-Severity RCE Flaw Disclosed in Several Netgear Router Models

Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system.  Traced as CVE-2021-40847 (CVSS score: 8...

The Hacker News 2021年09月22日 6 觀看次數

Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation

Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that's involved in selling phishing kits and email templates as well as providing hosting and automated services at a low cost, thus enabling cyber actors to...

The Hacker News 2021年09月22日 8 觀看次數

More than 1 in 3 people have tried to guess someone else's password: 3 in 4 succeed

According to a new study, one in 10 people believe someone could guess their password by looking through their social media.

ZDnet 2021年09月22日 11 觀看次數

Bitdefender releases universal decryptor for REvil/Sodinokibi victims hit before July 13

Bitdefender's Bogdan Botezatu said they have tested the tool against recent attacks and found that it cannot yet decrypt attacks after the July 13 date.

ZDnet 2021年09月17日 85 觀看次數

CISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho Bug

The newly identified bug in a Zoho single sign-on and password management tool has been under active attack since early August.

Threatpost 2021年09月17日 66 觀看次數

Google Is Backing Security Reviews Of These Key Open Source Projects

Packet Storm 2021年09月17日 75 觀看次數

Customer Care Giant TTEC Hit By Ransomware

TTEC, [NASDAQ: TTEC], a company used by some of the world's largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident that appears to be the result of a ransomware attack...

Krebs on Security 2021年09月16日 70 觀看次數

No Patch for High-Severity Bug in Legacy IBM System X Servers

Two of IBM's aging flagship server models, retired in 2020, won’t be patched for a command-injection flaw.

Threatpost 2021年09月16日 26 觀看次數

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called Mēris. The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before...

The Hacker News 2021年09月11日 47 觀看次數