相關新聞 | HKCERT

Hackers use PowerPoint files for 'mouseover' malware delivery

Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script.

BleepingComputer 2022年09月27日 595 觀看次數

New Erbium password-stealing malware spreads as game cracks, cheats

The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets.

BleepingComputer 2022年09月27日 534 觀看次數

Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts

GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform.

The Hacker News 2022年09月26日 611 觀看次數

Microsoft SQL servers hacked in TargetCompany ransomware attacks

Vulnerable Microsoft SQL servers are being targeted in a new wave of attacks with FARGO ransomware, security researchers are warning.

BleepingComputer 2022年09月26日 943 觀看次數

Hackers stealing GitHub accounts using fake CircleCI notifications

GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform.

BleepingComputer 2022年09月23日 568 觀看次數

Microsoft Exchange servers hacked via OAuth apps for phishing

Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending phishing emails.

BleepingComputer 2022年09月23日 586 觀看次數

Deepfake audio has a tell and researchers can spot it

Imagine the following scenario. A phone rings. An office worker answers it and hears his boss, in a panic, tell him that she forgot to transfer money to the new contractor before she left for the day and needs him to do it. She gives...

arstechnica 2022年09月21日 675 觀看次數

American Airlines discloses data breach after employee email compromise

American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. [...]

Bleepingcomputer 2022年09月20日 631 觀看次數

Rockstar Games Confirms 'Grand Theft Auto 6' Breach

The Take-Two Interactive subsidiary acknowledges an attack on its systems, where an attacker downloaded "early development footage for the next Grand Theft Auto" and other assets.

Dark Reading 2022年09月20日 1215 觀看次數

Uber explains how it was pwned this month, points finger at Lapsus$ gang

From annoying MFA alerts to 'several internal systems' infiltrated Uber, four days after suffering a substantial cybersecurity breach, has admitted its attacker accessed "several internal systems" including the corporation's G Suite account, and downloaded internal Slack messages and a tool...

The Register 2022年09月20日 623 觀看次數