相關新聞 | HKCERT

Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware

The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022.

Thehackernews 2022年04月11日 441 觀看次數

FIN7 crime-gang pen tester headed to US prison for five years

He's the third FIN7 gangster to face time behind bars Another member of notorious cybercrime ring FIN7 is headed to jail after the gang breached major companies' networks across the US and stole more than $1 billion from these businesses' customers.…

The Register 2022年04月08日 486 觀看次數

Microsoft takes down APT28 domains used in attacks against Ukraine

Microsoft has successfully disrupted attacks against Ukrainian targets coordinated by the Russian APT28 hacking group after taking down seven domains used as attack infrastructure. [...]

Bleepingcomputer 2022年04月08日 445 觀看次數

This new malware targets AWS Lambda environments

A new malware variant that targets AWS Lambda has been discovered.

ZDNet 2022年04月07日 288 觀看次數

Cash App notifies 8.2 million US customers about data breach

Cash App is notifying 8.2 million current and former US customers of a data breach after a former employee accessed their account information. [...]

Bleepingcomputer 2022年04月06日 414 觀看次數

Microsoft detects Spring4Shell attacks across its cloud services

Microsoft said that it's currently tracking a "low volume of exploit attempts" targeting the critical Spring4Shell (aka SpringShell) remote code execution (RCE) vulnerability across its cloud services. [...]

Bleepingcomputer 2022年04月06日 394 觀看次數

Remote Access Trojan adds ransomware and DDoS attacks to usual bag of tricks

Known as Borat, a new Trojan spotted by Cyble allows attackers to compile malicious code to launch ransomware campaigns and DDoS attacks on the victim’s machine. The post Remote Access Trojan adds ransomware and DDoS attacks to usual bag of tricks appeared first on TechRepublic.

TechRepublic 2022年04月06日 369 觀看次數

SpringShell attacks target about one in six vulnerable orgs

Roughly one out of six organizations worldwide that are impacted by the Spring4Shell zero-day vulnerability have already been targeted by threat actors, according to statistics from one cybersecurity company. [...]

Bleepingcomputer 2022年04月06日 442 觀看次數

Fake Trezor data breach emails used to steal cryptocurrency wallets

A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them.

Bleepingcomputer 2022年04月04日 378 觀看次數

$620 million in crypto stolen from Axie Infinity's Ronin bridge

A hacker has stolen almost $620 million in Ethereum and USDC tokens from Axie Infinity's Ronin network bridge, making it possibly the largest crypto hack in history. [...]

Bleepingcomputer 2022年03月30日 453 觀看次數