相關新聞 | HKCERT

MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud.

Dark Reading 2023年08月31日 0 觀看次數

WordPress migration add-on flaw could lead to data breaches

All-in-One WP Migration, a popular data migration plugin for WordPress sites that has 5 million active installations, suffers from unauthenticated access token manipulation that could allow attackers to access sensitive site information. [...]

Bleepingcomputer 2023年08月31日 110 觀看次數

6 Ways AI Can Revolutionize Digital Forensics

Artificial intelligence tools can automate the analysis of logs, video, and other important but tedious aspects of investigations.

Dark Reading 2023年08月30日 124 觀看次數

Apple security boss faces iPads-for-gun-permits bribery charge... again

'We will continue fighting this case' global chief's lawyer tells us An appeals court has reversed a 2021 decision to drop a bribery charge against Apple's head of global security, who is accused of donating iPads worth up to $80,...

The Register 2023年08月30日 115 觀看次數

How the FBI nuked Qakbot malware from infected Windows PCs

The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices. [...]

Bleepingcomputer 2023年08月30日 110 觀看次數

Attacks on Citrix NetScaler systems linked to ransomware actor

A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.

Bleeping Computer 2023年08月29日 109 觀看次數

Exploit released for Juniper firewall bugs allowing RCE attacks

Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers to gain remote code execution in Juniper's JunOS on unpatched devices.

Bleeping Computer 2023年08月29日 140 觀看次數

MalDoc in PDFs: Hiding malicious Word docs in PDF files

Japan's computer emergency response team (JPCERT) is sharing a new 'MalDoc in PDF' attack detected in July 2023 that bypasses detection by embedding malicious Word files into PDFs.

Bleeping Computer 2023年08月29日 109 觀看次數

ICO calls social media firms to protect people's data from scraping

UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a statement calling social media platforms to up their protections against data scrapers. [...]

Bleepingcomputer 2023年08月26日 84 觀看次數

Luna Grabber Malware Targets Roblox Gaming Devs

Roblox gaming developers are lured in by a package that claims to create useful scripts to interact with the Roblox website, for example by “promot(ing) users, shout events, and so on, or to create Discord utiltiies (sic) to manage their...

Dark Reading 2023年08月26日 80 觀看次數