相關新聞 | HKCERT

Ubuntu 'command-not-found' tool can be abused to spread malware

A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. [...]

Bleepingcomputer 2024年02月15日 165 觀看次數

US says AI models can’t hold patents

Inventors must be human, but there's still a condition where AI can officially help.

Ars Technica 2024年02月15日 146 觀看次數

Hackers used new Windows Defender zero-day to drop DarkMe malware

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT).

Bleeping Computer 2024年02月14日 206 觀看次數

Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures

Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.

The Hacker News 2024年02月14日 212 觀看次數

Fake LastPass lookalike made it into Apple App Store

LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. [...]

The Register 2024年02月09日 196 觀看次數

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. [...]

Bleepingcomputer 2024年02月09日 159 觀看次數

Data of 7,400 students, scholars leaked in HKU breach

The Faculty of Education at the University of Hong Kong (HKU) on Wednesday said the personal data of around 7,400 students, academic visitors and research programme applicants may have been leaked in a cyberattack on January 30.

RTHK 2024年02月08日 157 觀看次數

Facebook ads push new Ov3r_Stealer password-stealing malware

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency.

Bleeping Computer 2024年02月08日 152 觀看次數

3 million smart toothbrushes were just used in a DDoS attack. Really

What's next, malware-infected dental floss? But seriously: It's a reminder that even the smallest smart home devices can be a threat. Here's how to protect yourself.

ZDnet 2024年02月07日 155 觀看次數

Critical Bugs in Canon Small Office Printers Allow Code Execution, DDoS

A grouping of serious printer bugs, unveiled at last summer's Pwn2Own, were patchless for months, but are finally fixed now.

Dark Reading 2024年02月07日 149 觀看次數