相關新聞 | HKCERT

Fake Ransomware Infection Spooks Website Owners

Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND .1 BITCOIN” were sitting at 6 last week and increased to 291 at the time of writing this.

Sucuri Blog 2021年11月16日 644 觀看次數

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam...

Krebs on Security 2021年11月14日 425 觀看次數

Top 10 Cybersecurity Best Practices to Combat Ransomware

Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.

Threatpost 2021年11月13日 373 觀看次數

Millions of Routers, IoT Devices at Risk from New Open-Source Malware

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities.

Threatpost 2021年11月12日 334 觀看次數

Average ransomware payment for US victims more than $6 million, survey says

A Mimecast survey of 742 cybersecurity professionals found that 80% have been targeted by ransomware over the last two years.

ZDnet 2021年11月10日 357 觀看次數

Robinhood Trading Platform Data Breach Hits 7M Customers

The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.

Threatpost 2021年11月09日 356 觀看次數

Two NPM Packages With 22 Million Weekly Downloads Found Backdoored

In what's yet another instance of supply chain attack targeting open-source software repositories, two popular NPM packages with cumulative weekly downloads of nearly 22 million were found to be compromised with malicious code by gaining unauthorized access to the respective developer's accounts.

ThreatPost 2021年11月09日 433 觀看次數

Zoho Password Manager Flaw Torched by Godzilla Webshell

Researchers have spotted a second, worldwide campaign exploiting the Zoho zero-day: one that’s breached defense, energy and healthcare organizations.

ThreatPost 2021年11月09日 317 觀看次數

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released

CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.

Threatpost 2021年11月06日 516 觀看次數

Cloudflare report highlights devastating DDoS attacks on VoIP services and several 'record-setting HTTP attacks'

In Q3, Cloudflare researchers said they stopped "one of the largest recorded HTTP attacks."

ZDnet 2021年11月06日 296 觀看次數