相關新聞 | HKCERT

Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild

A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned.

Thehackernews 2022年04月21日 422 觀看次數

Most Email Security Approaches Fail to Block Common Threats

A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.

Thehackernews 2022年04月21日 278 觀看次數

Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers

Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang.

Thehackernews 2022年04月21日 391 觀看次數

Kaspersky cracks Yanluowang ransomware, offers free decryptor

Step one, get some scrambled files back. Steps two through 37... Kaspersky has found a vulnerability in the Yanluowang ransomware encryption algorithm and, as a result, released a free decryptor tool to help victims of this software nasty recover their files.…

The Register 2022年04月20日 446 觀看次數

QNAP urges customers to disable UPnP port forwarding on routers

Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. [...]

Bleepingcomputer 2022年04月20日 355 觀看次數

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations.

The Hacker News 2022年04月19日 422 觀看次數

New EnemyBot DDoS botnet recruits routers and IoTs into its army

A new Mirai-based botnet malware named Enemybot has been observed growing its army of infected devices through vulnerabilities in modems, routers, and IoT devices, with the threat actor operating it known as Keksec. [...]

Bleepingcomputer 2022年04月14日 470 觀看次數

US warns of govt hackers targeting industrial control systems

A joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy (DOE) warns of government-backed hacking groups being able to hijack multiple industrial devices using a new ICS-focused malware toolkit. [...]

Bleepingcomputer 2022年04月14日 453 觀看次數

Critical flaw in Elementor WordPress plugin may affect 500k sites

The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites. [...]

Bleepingcomputer 2022年04月13日 537 觀看次數

Critical HP Teradici PCoIP flaws impact 15 million endpoints

HP is warning of new critical security vulnerabilities in the Teradici PCoIP client and agent for Windows, Linux, and macOS that impact 15 million endpoints.

BleepingComputer 2022年04月13日 409 觀看次數