相關新聞 | HKCERT

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI

Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of a victim's account by means of a prompt injection attack. Security researcher Johann...

The Hacker News 2024年12月09日 275 觀看次數

Anna Jaques Hospital ransomware breach exposed data of 300K patients

Anna Jaques Hospital has confirmed on its website that a ransomware attack it suffered almost precisely a year ago, on December 25, 2023, has exposed sensitive health data for over 316,000 patients. [...]

Bleepingcomputer 2024年12月07日 375 觀看次數

Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data

Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make...

The Hacker News 2024年12月07日 309 觀看次數

Microsoft Expands Access to Windows Recall AI Feature

The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.

Dark Reading 2024年12月07日 329 觀看次數

Veeam Urges Updates After Discovering Critical Vulnerability

The vulnerability affects certain versions of the Veeam Service Provider Console that can only be fixed by updating with the latest patch.

Dark Reading 2024年12月05日 271 觀看次數

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA).

The Hacker News 2024年12月04日 307 觀看次數

Exploit released for critical WhatsUp Gold RCE flaw, patch now

A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible.

Bleeping Computer 2024年12月04日 307 觀看次數

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

The recently uncovered 'Bootkitty' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka 'LogoFAIL,' to infect computers running on a vulnerable UEFI firmware. [...]

Bleepingcomputer 2024年12月03日 273 觀看次數

Gen AI could speed up coding, but businesses should still consider risks

Organizations keen to fund gen AI-powered software development for the anticipated benefits should also understand that this may come with adverse effects.

ZDnet 2024年11月28日 291 觀看次數

Hackers abuse popular Godot game engine to infect thousands of PCs

Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. [...]

Bleepingcomputer 2024年11月28日 304 觀看次數