相關新聞
New Hertzbleed side-channel attack affects Intel, AMD CPUs
A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys by observing variations in CPU frequency enabled by dynamic voltage and frequency scaling (DVFS).
BleepingComputer
2022年06月15日 581 觀看次數
New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials
A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction.
The Hacker News
2022年06月15日 673 觀看次數
Kaiser Permanente data breach exposes health data of 69K people
Kaiser Permanente, one of America's leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals. [...]
Bleepingcomputer
2022年06月14日 593 觀看次數
PyPI package 'keep' mistakenly included a password stealer
PyPI packages 'keep,' 'pyanxdns,' 'api-res-py' were found to contain a password-stealer and a backdoor due to the presence of malicious 'request' dependency within some versions. [...]
Bleepingcomputer
2022年06月13日 676 觀看次數
New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Dubbed Peekaboo by researchers from Carnegie Mellon University, the system "leverages...
The Hacker News
2022年06月11日 709 觀看次數
Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones
A new research undertaken by a group of academics from the University of California San Diego has revealed for the first time that Bluetooth signals can be fingerprinted to track smartphones (and therefore, individuals). The identification, at its core, hinges on imperfections in the Bluetooth...
The Hacker News
2022年06月10日 487 觀看次數
Qbot malware now uses Windows MSDT zero-day in phishing attacks
A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware.
Bleepingcomputer
2022年06月09日 866 觀看次數
Critical PHP flaw exposes QNAP NAS devices to RCE attacks
QNAP has warned customers today that some of its Network Attached Storage (NAS) devices (with non-default configurations) are vulnerable to attacks that would exploit a three-year-old critical PHP vulnerability allowing remote code execution. [...]
Bleepingcomputer
2022年06月08日 634 觀看次數
MEGA fixes critical flaws that allowed the decryption of user data
MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. [...]
Bleepingcomputer
2022年06月08日 460 觀看次數
New SVCReady malware loads from Word doc properties
A previously unknown malware loader named SVCReady has been discovered in phishing attacks, featuring an unusual way of loading the malware from Word documents onto compromised machines. [...]
Bleepingcomputer
2022年06月08日 633 觀看次數
