相關新聞
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities...
The Hacker News
2024年09月02日 476 觀看次數
South Korean hackers exploited WPS Office zero-day to deploy malware
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]
Bleepingcomputer
2024年08月29日 689 觀看次數
Major Backdoor In Millions Of RFID Cards Allows Instant Cloning
Packet Storm
2024年08月27日 647 觀看次數
PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders.
The Register
2024年08月26日 479 觀看次數
New NGate Android malware uses NFC chip to steal credit card data
A new Android malware named NGate can steal money from payment cards by relaying to an attacker's device the data read by the near-field communication (NFC) chip. [...]
Bleepingcomputer
2024年08月23日 400 觀看次數
NFC Traffic Stealer Targets Android Users & Their Banking Info
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
Dark Reading
2024年08月23日 391 觀看次數
SolarWinds left critical hardcoded credentials in its Web Help Desk product
Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive...
The Register
2024年08月23日 402 觀看次數
GitHub Enterprise Server vulnerable to critical auth bypass flaw
A critical vulnerability affecting multiple versions of GitHub Enterprise Server could be exploited to bypass authentication and enable an attacker to gain administrator privileges on the machine.
Bleeping Computer
2024年08月22日 445 觀看次數
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]
Bleepingcomputer
2024年08月21日 476 觀看次數
Multiple flaws in Microsoft macOS apps unpatched despite potential risks
Windows giant tells Cisco Talos it isn't fixing them
Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and...
The Register
2024年08月20日 429 觀看次數
