相關新聞 | HKCERT

Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. "[T]he stealer is a...

The Hacker News 2021年11月25日 483 觀看次數

FBI And CISA Issue Holiday Ransomware, Cyberattack Warning

Packet Storm 2021年11月24日 446 觀看次數

Suspect Arrested In Ransom Your Employer Scheme

Packet Storm 2021年11月24日 354 觀看次數

Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws

Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters.

ThreatPost 2021年11月23日 483 觀看次數

GoDaddy hack causes data breach affecting 1.2 million customers

In a data breach notification published today, GoDaddy said that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment.

BleepingComputer 2021年11月23日 409 觀看次數

Experts found 11 malicious Python packages in the PyPI repository

Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks.

Security Affairs 2021年11月19日 408 觀看次數

Thousands of Firefox users accidentally commit login cookies on GitHub

Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions.

The Register 2021年11月19日 511 觀看次數

MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption

A politically motivated group is paralyzing Israeli entities with no financial goal – and no intention of handing over decryption keys.

ThreatPost 2021年11月17日 416 觀看次數

SharkBot — A New Android Trojan Stealing Banking and Cryptocurrency Accounts

Cybersecurity researchers on Monday took the wraps off a new Android trojan that takes advantage of accessibility features on the devices to siphon credentials from banking and cryptocurrency services in Italy, the U.K., and the U.S.

The Hacker News 2021年11月17日 435 觀看次數

Emotet malware is back and rebuilding its botnet via TrickBot

The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware.

Bleeping Computer 2021年11月16日 463 觀看次數