相關新聞 | HKCERT

Dozens of Google Products Targeted by Scammers via Malicious Search Ads

Scammers have been targeting dozens of Google products through malicious search ads. They impersonated Google's product line and used Looker Studio to lock up Windows and Mac users' browsers.

Cyware News 2024年08月17日 338 觀看次數

New Mad Liberator gang uses fake Windows update screen to hide data theft

A new data extortion group tracked as Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to distract while exfiltrating data from the target device. [...]

Bleepingcomputer 2024年08月17日 412 觀看次數

New Phishing Attack Uses Sophisticated Infostealer Malware

A new phishing attack with advanced infostealer malware has been discovered by analysts. The malware collects sensitive data like passwords, cookies, credit card info, and browsing history.

Cyware News 2024年08月16日 549 觀看次數

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default.

ZDnet 2024年08月15日 528 觀看次數

Critical SAP flaw allows remote attackers to bypass authentication

SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system. [...]

Bleepingcomputer 2024年08月14日 343 觀看次數

NIST Finalizes Post-Quantum Encryption Standards

The new standards from NIST are designed for two tasks: general encryption and digital signatures.

Dark Reading 2024年08月14日 305 觀看次數

0.0.0.0 Day Browser Flaw Enables Malicious Requests To Local Networks

A vulnerability affecting all major browsers, dubbed “... Day,” could enable attackers to send malicious requests to local networks, potentially leading to remote code execution (RCE).

Packet Storm 2024年08月13日 346 觀看次數

In search of the foolproof AI watermark

The challenge is that digitally watermarking AI output becomes more complex as AI content improves.

ZDnet 2024年08月13日 221 觀看次數

Ivanti warns of critical vTM auth bypass with public exploit

Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. [...]

Bleepingcomputer 2024年08月13日 316 觀看次數

Fake X content warnings on Ukraine war, earthquakes used as clickbait

X has always had a bot problem, but now scammers are utilizing the Ukraine war and earthquake warnings in Japan to entice users into clicking on fake content warnings and videos that lead to scam adult sites, malicious browser extensions, and shady affiliate sites. [....

Bleepingcomputer 2024年08月11日 567 觀看次數