相關新聞 | HKCERT

Malicious ‘SentinelOne’ PyPI package steals data from developers

Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client for the trusted American cybersecurity firm but, in reality, steals data from developers.

Bleepingcomputer 2022年12月20日 568 觀看次數

Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale

Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum.

Bleepingcomputer 2022年12月20日 577 觀看次數

Glupteba malware is back in action after Google disruption

The Glupteba malware botnet has sprung back into action, infecting devices worldwide after its operation was disrupted by Google almost a year ago. [...]

Bleepingcomputer 2022年12月18日 499 觀看次數

T-Mobile hacker gets 10 years for $25 million phone unlock scheme

Argishti Khudaverdyan, the former owner of a T-Mobile retail store, was sentenced to 10 years in prison for a $25 million scheme where he unlocked and unblocked cellphones by hacking into T-Mobile's internal systems. [...]

Bleepingcomputer 2022年12月18日 444 觀看次數

Google introduces end-to-end encryption for Gmail on the web

Google announced on Friday that it's adding end-to-end encryption to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within their domain and outside their domain. [...]

Bleepingcomputer 2022年12月17日 484 觀看次數

Hackers leak personal info allegedly stolen from 5.7M Gemini users

Gemini crypto exchange announced this week that customers were targeted in phishing campaigns after a threat actor collected their personal information from a third-party vendor. [...]

Bleepingcomputer 2022年12月16日 555 觀看次數

New GoTrim Botnet Attempting to Break into WordPress Sites' Admin Accounts

A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of the targeted systems.

The Hacker News 2022年12月15日 639 觀看次數

Open-source repositories flooded by 144,000 phishing packages

Unknown threat actors have uploaded a massive 144,294 phishing-related packages on open-source package repositories, inluding NPM, PyPi, and NuGet.

Bleepingcomputer 2022年12月15日 614 觀看次數

LockBit claims attack on California's Department of Finance

The Department of Finance in California has been the target of a cyberattack now claimed by the LockBit ransomware gang. [...]

Bleepingcomputer 2022年12月14日 549 觀看次數

Microsoft-signed malicious Windows drivers used in ransomware attacks

Microsoft has revoked several Microsoft hardware developer accounts after drivers signed through their profiles were used in cyberattacks, including ransomware incidents. [...]

Bleepingcomputer 2022年12月14日 572 觀看次數