相關新聞 | HKCERT

FBI warnings are true—fake file converters do push malware

The FBI is warning that fake online document converters are being used to steal people's information and, in worst-case scenarios, lead to ransomware attacks. [...]

Bleepingcomputer 2025年03月23日 277 觀看次數

UK urges critical orgs to adopt quantum cryptography by 2035

The UK's National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035.

Bleeping Computer 2025年03月21日 291 觀看次數

WhatsApp patched zero-click flaw exploited in Paragon spyware attacks

WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon's Graphite spyware following reports from security researchers at the University of Toronto's Citizen Lab. [...]

Bleepingcomputer 2025年03月20日 421 觀看次數

Malicious Android 'Vapor' apps on Google Play installed 60 million times

Over 300 malicious Android applications downloaded 60 million items from Google Play acted as adware or attempted to steal credentials and credit card information.

Bleeping Computer 2025年03月19日 262 觀看次數

New Windows zero-day exploited by 11 state hacking groups since 2017

At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017.

Bleeping Computer 2025年03月19日 392 觀看次數

Medusa Ransomware Strikes 300+ Targets: FBI & CISA Urge Immediate Action to #StopRansomware

Medusa ransomware now operates as a RaaS model, recruiting affiliates from criminal forums to launch attacks, encrypt data, and extort victims worldwide.

TechRepublic 2025年03月18日 293 觀看次數

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]

Bleepingcomputer 2025年03月16日 446 觀看次數

ClickFix: How to Infect Your PC in Three Easy Steps

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft...

Krebs on Security 2025年03月15日 340 觀看次數

ClickFix attack delivers infostealers, RATs in fake Booking.com emails

Microsoft is warning that an ongoing phishing campaign impersonating Booking.com is using ClickFix social engineering attacks to infect hospitality workers with various malware, including infostealers and RATs. [...]

Bleepingcomputer 2025年03月13日 346 觀看次數

Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails

Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant's threat intelligence team said...

The Hacker News 2025年03月13日 345 觀看次數