相關新聞 | HKCERT

Zimbra auth bypass bug exploited to breach over 1,000 servers

An authentication bypass Zimbra security vulnerability is actively exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide.

Bleeping Computer 2022年08月12日 733 觀看次數

Automotive supplier breached by 3 ransomware gangs in 2 weeks

An automotive supplier had its systems breached and files encrypted by three different ransomware gangs over two weeks in May, two of the attacks happening within just two hours.

Bleeping Computer 2022年08月11日 749 觀看次數

CISA warns of Windows and UnRAR flaws exploited in the wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.

Bleeping Computer 2022年08月11日 695 觀看次數

deBridge Finance crypto platform targeted by Lazarus hackers

Hackers suspected to be from the North Korean Lazarus group tried their luck at stealing cryptocurrency from deBridge Finance, a cross-chain protocol that enables the decentralized transfer of assets between various blockchains.

Bleepingcomputer 2022年08月09日 683 觀看次數

Email marketing firm hacked to steal crypto-focused mailing lists

Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers.

Bleepingcomputer 2022年08月09日 576 觀看次數

Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts

Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted an email address or phone number to Twitter's...

The Hacker News 2022年08月08日 546 觀看次數

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-...

The Hacker News 2022年08月07日 680 觀看次數

Snapchat, Amex sites abused in Microsoft 365 phishing attacks

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials. [...]

Bleepingcomputer 2022年08月07日 575 觀看次數

Windows 10 22H2 is coming, here's everything we know

Microsoft has confirmed the next version of Windows 10 is called "version 22H2". The company will rolling out the next version of Windows 10 later his year and the update is already available for those who manually check for updates using the Settings app in the Release...

Bleepingcomputer 2022年08月07日 571 觀看次數

New GwisinLocker ransomware encrypts Windows and Linux ESXi servers

A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. [...]

Bleepingcomputer 2022年08月06日 787 觀看次數