相關新聞
GitLab affected by GitHub-style CDN flaw allowing malware hosting
BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
Bleeping Computer
2024年04月23日 51 觀看次數
Wave of ransomware on the cheap: junk guns still okay for small targets
Researchers observe a flood of crude and amateurish ransomware. But it’s cheap, difficult to trace, and comes in many flavors. This spells trouble for small business owners and other individuals.
CyberNews
2024年04月23日 41 觀看次數
LastPass users targeted in phishing attacks good enough to trick even the savvy
Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.
Ars Technica
2024年04月19日 106 觀看次數
SoumniBot malware exploits Android bugs to evade detection
A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. [...]
Bleepingcomputer
2024年04月18日 103 觀看次數
Cisco warns of large-scale brute-force attacks against VPN services
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. [...]
Bleepingcomputer
2024年04月17日 110 觀看次數
CISA in a flap as Chirp smart door locks can be trivially unlocked remotely
Hard-coded credentials last thing you want in home security app Some smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability.…
The Register
2024年04月16日 110 觀看次數
Cisco Duo's Multifactor Authentication Service Breached
A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against subsequent phishing attacks.
Dark Reading
2024年04月16日 98 觀看次數
Delinea Secret Server customers should apply latest patches
Attackers could nab an org's most sensitive keys if left unaddressed Updated Customers of Delinea's Secret Server are being urged to upgrade their installations "immediately" after a researcher claimed a critical vulnerability could allow attackers to gain admin-level access.…
The Register
2024年04月16日 91 觀看次數
Microsoft will limit Exchange Online bulk emails to fight spam
Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025. [...]
Bleepingcomputer
2024年04月16日 99 觀看次數
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.
Cyware News
2024年04月15日 118 觀看次數