相關新聞 | HKCERT

Ragnarok ransomware releases master decryptor after shutdown

Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware.

Bleeping Computer 2021年08月27日 568 觀看次數

Synology: Multiple products impacted by OpenSSL RCE vulnerability

Taiwan-based NAS maker Synology has revealed that recently disclosed remote code execution (RCE) and denial-of-service (DoS) OpenSSL vulnerabilities impact some of its products.

Bleeping Computer 2021年08月27日 460 觀看次數

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

Researchers warn of Dark.IoT's rapidly evolving nasty A denial-of-service vulnerability affecting SDKs for Realtek chipsets used in 65 vendors' IoT devices has been incorporated into a son-of-Mirai botnet, according to new research.…

The Register 2021年08月26日 571 觀看次數

ProxyLogon flaw, evil emails, SQL injections used to open backdoors on Windows boxes

Multi-use toolkit deployed on victims' networks across Asia, North America ESET and TrendMicro have identified a novel and sophisticated backdoor tool that miscreants have slipped onto compromised Windows computers in companies mostly in Asia but also in North America.…

The Register 2021年08月26日 482 觀看次數

Win10 Admin Rights Tossed Off by Yet Another Plug-In

Then again, you don’t even need the actual device – in this case, a SteelSeries peripheral – since emulation works just fine to launch with full SYSTEM rights.

Threatpost 2021年08月26日 440 觀看次數

Microsoft Spills 38 Million Sensitive Data Records Via Careless Power App Configs

Data leaked includes COVID-19 vaccination records, social security numbers and email addresses tied to American Airlines, Ford, Indiana Department of Health and New York City public schools.

Threatpost 2021年08月24日 495 觀看次數

ProxyShell Attacks Pummel Unpatched Exchange Servers

CISA is warning about a surge of ProxyShell attacks, as Huntress discovered 140 webshells launched against 1,900 unpatched Microsoft Exchange servers.

Threatpost 2021年08月24日 363 觀看次數

Windows 10 Admin Rights Gobbled by Razer Devices

So much for Windows 10's security: A zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device. UPDATE: Microsoft is investigating.

Threatpost 2021年08月23日 461 觀看次數

How Ready Are You for a Ransomware Attack?

Oliver Tavakoli, CTO at Vectra, lays out the different layers of ransomware defense all companies should implement.

Threatpost 2021年08月20日 448 觀看次數

Bogus Cryptomining Apps Infest Google Play

The apps attempt to swindle users into buying in-app upgrades or clicking on masses of ads.

Threatpost 2021年08月19日 499 觀看次數