相關新聞 | HKCERT

Over 16,000 Fortinet devices compromised with symlink backdoor

Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. [...]

Bleepingcomputer 2025年04月17日 384 觀看次數

AI-Powered Presentation Tool Leveraged in Phishing Attacks

Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named "Gamma" in phishing attacks.

Dark Reading 2025年04月16日 554 觀看次數

Infamous message board 4chan taken down following major hack

4chan, a notorious online forum, was taken offline earlier today after what appears to be a significant hack and has since been loading intermittently. [...]

Bleepingcomputer 2025年04月16日 621 觀看次數

Midnight Blizzard deploys new GrapeLoader malware in embassy phishing

Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. [...]

Bleepingcomputer 2025年04月16日 519 觀看次數

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their...

The Hacker News 2025年04月15日 223 觀看次數

Google adds Android auto-reboot to block forensic data extractions

Google is rolling out a new security mechanism on Android devices that will automatically reboot locked, unused devices after three consecutive days of inactivity, restoring memory to an encrypted state. [...]

Bleepingcomputer 2025年04月15日 356 觀看次數

New SSL/TLS certs to each live no longer than 47 days by 2029

IT admins, get ready to grumble CA/Browser Forum – a central body of web browser makers, security certificate issuers, and friends – has voted to cut the maximum lifespan of new SSL/TLS certs to just 47 days by March 15, 2029...

The Register 2025年04月15日 211 觀看次數

Why is someone mass-scanning Juniper and Palo Alto Networks products?

Espionage? Botnets? Trying to exploit a zero-day? Updated Someone or something is probing devices made by Juniper Networks and Palo Alto Networks, and researchers think it could be evidence of espionage attempts, attempts to build a botnet, or an effort to...

The Register 2025年04月11日 219 觀看次數

Oracle says "obsolete servers" hacked, denies cloud breach

Oracle finally confirmed in email notifications sent to customers that a hacker stole and leaked credentials that were stolen from what it described as "two obsolete servers."

Bleeping Computer 2025年04月10日 377 觀看次數

Malicious VSCode extensions infect Windows with cryptominers

Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer to mine Ethereum and Monero.

Bleeping Computer 2025年04月08日 330 觀看次數