相關新聞 | HKCERT

Log4j: Mirai botnet found targeting ZyXEL networking devices

A report explained that the Log4j vulnerability is being used to "infect and assist in the proliferation of malware used by the Mirai botnet."

ZDnet 2022年01月25日 436 觀看次數

FBI warns of malicious QR codes used to steal your money

The Federal Bureau of Investigation (FBI) warned Americans this week that cybercriminals are using maliciously crafted Quick Response (QR) codes to steal their credentials and financial info.

BleepingComputer 2022年01月24日 587 觀看次數

Hackers hijack smart contracts in cryptocurrency token 'rug pull' exit scams

Misconfiguration provides the perfect opportunity for token-based theft.

ZDnet 2022年01月24日 400 觀看次數

Box 2FA Bypass Opens User Accounts to Attack

A security bug in the file-sharing cloud app could have allowed attackers using stolen credentials to skate by one-time SMS code verification requirements.

Threatpost 2022年01月20日 317 觀看次數

Bugcrowd reports increase in critical vulnerabilities found in 2021

Bugcrowd saw a 185% increase in the last 12 months for critical vulnerability submissions with financial services companies.

ZDnet 2022年01月20日 403 觀看次數

Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say

Disruptive malware attacks on Ukrainian organizations (posing as ransomware attacks) are very likely part of Russia’s wider effort to undermine Ukraine’s sovereignty, according to analysts.

Threatpost 2022年01月20日 383 觀看次數

Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

NotPetya started over there, don't forget US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.…

The Register 2022年01月20日 468 觀看次數

Dark Web's Largest Marketplace for Stolen Credit Cards is Shutting Down

UniCC, the biggest dark web marketplace for stolen credit and debit cards, has announced that it's shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. "Don't build any...

The Hacker News 2022年01月17日 490 觀看次數

DHL, Microsoft, WhatsApp top phishing list of most imitated brands

Google, LinkedIn and Amazon also ranked highly on Check Point Research's list.

ZDnet 2022年01月17日 420 觀看次數

New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking

A software bug introduced in Apple Safari 15's implementation of the IndexedDB API could be abused by a malicious website to track users' online activity in the web browser and worse, even reveal their identity. The vulnerability, dubbed IndexedDB Leaks, was disclosed...

The Hacker News 2022年01月17日 421 觀看次數