相關新聞 | HKCERT

SonicWall warns of trojanized NetExtender stealing VPN logins

SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. [...]

Bleepingcomputer 2025年06月25日 214 觀看次數

SparkKitty Swipes Pics From iOS, Android Devices

Like its predecessor, SparkCat, the new malware appears to be going after sensitive data — such as seed phrases for cryptocurrency wallets — in device photo galleries.

Dark Reading 2025年06月24日 293 觀看次數

Godfather Android malware now uses virtualization to hijack banking apps

A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. [...]

Bleepingcomputer 2025年06月20日 218 觀看次數

'Stargazers' use fake Minecraft mods to steal player passwords

A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens, and cryptocurrency wallets.

Bleeping Computer 2025年06月18日 225 觀看次數

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails.

The Hacker News 2025年06月18日 392 觀看次數

ASUS Armoury Crate bug lets attackers get Windows admin privileges

A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. [...]

Bleepingcomputer 2025年06月17日 245 觀看次數

Over 46,000 Grafana instances exposed to account takeover bug

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover.

Bleeping Computer 2025年06月15日 223 觀看次數

Anubis ransomware adds wiper to destroy files beyond recovery

The Anubis ransomware-as-a-service (RaaS) operation has added to its file-encryptimg malware a wiper module that destroys targeted files, making recovery impossible even if the ransom is paid.

Bleeping Computer 2025年06月14日 265 觀看次數

Discord flaw lets hackers reuse expired invites in malware campaign

Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware.

Bleeping Computer 2025年06月13日 241 觀看次數

Erie Insurance confirms cyberattack behind business disruptions

Erie Insurance and Erie Indemnity Company have disclosed that a weekend cyberattack is behind the recent business disruptions and platform outages on its website. [...]

Bleepingcomputer 2025年06月12日 184 觀看次數