跳至主內容

相關新聞

篩選器:

Bot army risk as 3,000+ apps found spilling Twitter API keys

Please stop leaving credentials where miscreants can find them Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications.…
The Register 2022年08月02日 23 觀看次數

Facebook ads push Android adware with 7 million installs on Google Play

Several adware apps promoted aggressively on Facebook as system cleaners and optimizers for Android devices are counting millions of installations on Google Play store. [...]
Bleepingcomputer 2022年07月30日 76 觀看次數

As Microsoft blocks Office macros, hackers find new attack vectors

Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut (LNK) attachments.
BleepingComputer 2022年07月28日 85 觀看次數

FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft

Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable FileWave has fixed a couple vulnerabilities in its endpoint management software that could allow a remote attacker to bypass authentication and take full control of the deployment and associated devices....
The Register 2022年07月28日 94 觀看次數

Google once again delays phasing out third-party cookies

Chrome will now fully support the tracking technology until the second half of 2024
ZDnet 2022年07月28日 94 觀看次數

We're likely only seeing 'the tip of the iceberg' of Pegasus spyware use against the US

House intel chair raises snoop tool concerns as Google and others call for greater crack down Google and internet rights groups have called on Congress to weigh in on spyware, asking for sanctions and increased enforcement against so-called legit surveillanceware makers.…
The Register 2022年07月28日 93 觀看次數

DHL Phishing Page Uses Telegram Bot for Exfiltration

One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can typically be found masquerading as a trusted or recognizable service, intent on tricking unsuspecting users into submitting sensitive information on the...
Sucuri Blog 2022年07月27日 98 觀看次數

Microsoft: IIS extensions increasingly used as Exchange backdoors

Microsoft says attackers increasingly use malicious Internet Information Services (IIS) web server extensions to backdoor unpatched Exchange servers as they have lower detection rates compared to web shells.
Bleeping Computer 2022年07月27日 90 觀看次數

Hackers exploited PrestaShop zero-day to breach online stores

Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
Bleepingcomputer 2022年07月26日 110 觀看次數

Microsoft issues emergency fix for broken Windows 11 start menu

Microsoft has addressed a known issue that was causing the start menu on some Windows 11 to malfunction after installing recent updates.
Bleepingcomputer 2022年07月26日 116 觀看次數