相關新聞 | HKCERT

New Black Basta ransomware springs into action with a dozen breaches

A new ransomware gang known as Black Basta has quickly catapulted into operation this month, claiming to have breached over twelve companies in just a few weeks. [...]

Bleepingcomputer 2022年04月28日 712 觀看次數

QNAP warns users to disable AFP until it fixes critical bugs

Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage (NAS) appliances until it fixes multiple critical Netatalk vulnerabilities. [...]

Bleepingcomputer 2022年04月28日 557 觀看次數

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default.

Bleeping Computer 2022年04月27日 710 觀看次數

Emotet malware infects users again after fixing broken installer

The Emotet malware phishing campaign is up and running again after the threat actors fixed a bug preventing people from becoming infected when they opened malicious email attachments. [...]

Bleepingcomputer 2022年04月26日 580 觀看次數

Researchers Report Critical RCE Vulnerability in Google's VirusTotal Platform

Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities...

The Hacker News 2022年04月26日 547 觀看次數

Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections.

The Hacker News 2022年04月25日 404 觀看次數

Hackers Are Exploiting Zero Days More Than Ever

Packet Storm 2022年04月25日 453 觀看次數

Docker servers hacked in ongoing cryptomining malware campaign

Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. [...]

Bleepingcomputer 2022年04月22日 371 觀看次數

QNAP asks users to mitigate critical Apache HTTP Server bugs

QNAP has asked customers to apply mitigation measures to block attempts to exploit Apache HTTP Server security vulnerabilities impacting their network-attached storage (NAS) devices. [...]

Bleepingcomputer 2022年04月22日 481 觀看次數

Google: 2021 was a Banner Year for Exploited 0-Day Bugs

Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes. Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the team of security researchers has been keeping...

Thehackernews 2022年04月21日 306 觀看次數