相關新聞 | HKCERT

Apple fixes recently disclosed WebKit zero-day on older iPhones

Apple has released security updates to backport patches released last month, addressing an actively exploited zero-day bug for older iPhones and iPads. [...]

Bleepingcomputer 2023年03月28日 615 觀看次數

Exchange Online to block emails from vulnerable on-prem servers

Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent from "persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them. [...]

Bleepingcomputer 2023年03月28日 775 觀看次數

Lawyers cough up $200k after health data stolen in Microsoft Exchange pillaging

In addition to $100k given to LockBit New York law firm Heidell, Pittoni, Murphy and Bach (HPMB) has agreed to pay $200,000 to settle a data-breach lawsuit related to the now-notorious Hafnium Microsoft Exchange attacks that siphoned...

The Register 2023年03月28日 624 觀看次數

Emotet malware distributed as fake W-9 tax forms from the IRS

A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue Service and companies you work with. [...]

Bleepingcomputer 2023年03月26日 699 觀看次數

Microsoft pushes OOB security updates for Windows Snipping tool flaw

Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability. [...]

Bleepingcomputer 2023年03月26日 1022 觀看次數

Microsoft fixes Acropalypse privacy bug in Windows 11 Snipping Tool

Microsoft is testing an updated version of the Windows 11 Snipping Tool that fixes a recently disclosed 'Acropalypse' privacy flaw that allows the partial restoration of cropped images. [...]

Bleepingcomputer 2023年03月24日 605 觀看次數

WordPress force patching WooCommerce plugin with 500K installs

Automattic, the company behind the WordPress content management system, is force installing a security update on hundreds of thousands of websites running the highly popular WooCommerce Payments for online stores. [...]

Bleepingcomputer 2023年03月24日 658 觀看次數

Facebook accounts hijacked by new malicious ChatGPT Chrome extension

A trojanized version of the legitimate ChatGPT extension for Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts.

Bleepingcomputer 2023年03月23日 587 觀看次數

PoC exploits released for Netgear Orbi router vulnerabilities

Proof-of-concept exploits for vulnerabilities in Netgear’s Orbi 750 series router and extender satellites have been released, with one flaw a critical severity remote command execution bug.

Bleeping Computer 2023年03月23日 658 觀看次數

Hackers use new PowerMagic and CommonMagic malware to steal data

Security researchers have discovered attacks from an advanced threat actor that used "a previously unseen malicious framework" called CommonMagic and a new backdoor called PowerMagic. [...]

Bleepingcomputer 2023年03月22日 516 觀看次數