相關新聞 | HKCERT

New SHC-compiled Linux malware installs cryptominers, DDoS bots

A new Linux malware downloader created using SHC (Shell Script Compiler) has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. [...]

Bleepingcomputer 2023年01月05日 762 觀看次數

Rackspace confirms Play ransomware was behind recent cyberattack

Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments. [...]

Bleepingcomputer 2023年01月05日 577 觀看次數

Zoho urges admins to patch critical ManageEngine bug immediately

Business software provider Zoho has urged customers to patch a critical security flaw affecting multiple ManageEngine products. [...]

Bleepingcomputer 2023年01月05日 635 觀看次數

BitRAT malware campaign uses stolen bank data for phishing

Threat actors behind a recent malware campaign have been using the stolen information of bank customers in Colombia as lures in phishing emails designed to infect targets with the BitRAT remote access trojan, according to cloud security firm Qualys. [...]

Bleepingcomputer 2023年01月04日 582 觀看次數

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits. [...]

Bleepingcomputer 2023年01月04日 581 觀看次數

Synology fixes maximum severity vulnerability in VPN routers

Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. [...]

Bleepingcomputer 2023年01月03日 651 觀看次數

Extracting Encrypted Credentials From Common Tools

Attackers are harvesting credentials from compromised systems. Here's how some commonly used tools can enable this.

Dark Reading 2022年12月30日 587 觀看次數

What is a Gmail app password and how do you create one?

If third-party apps need to connect to your Gmail account, your regular Google account password may not be enough. Find out how to use the App Passwords feature and why.

ZDnet 2022年12月30日 1689 觀看次數

Hackers abuse Google Ads to spread malware in legit software

Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products.

Bleepingcomputer 2022年12月29日 570 觀看次數

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS...

The Hacker News 2022年12月29日 786 觀看次數