相關新聞 | HKCERT

CrowdStrike Will Give Customers Control Over Falcon Sensor Updates

The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month.[...]

Dark Reading 2024年08月08日 683 觀看次數

Ronin Network hacked, $12 million returned by "white hat" hackers

Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million. [...]

Bleepingcomputer 2024年08月08日 553 觀看次數

France's Grand Palais discloses cyberattack during Olympic games

The Grand Palais Réunion des musées nationaux (Rmn) in France is warning that it suffered a cyberattack on Saturday night, August 3, 2024.

Bleeping Computer 2024年08月07日 432 觀看次數

Surge in Magniber ransomware attacks impact home users worldwide

A massive Magniber ransomware campaign is underway, encrypting home users' devices worldwide and demanding thousand-dollar ransoms to receive a decryptor.

Bleepingcomputer 2024年08月04日 680 觀看次數

Android spyware 'Mandrake' hidden in apps on Google Play since 2022

A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [...]

Bleepingcomputer 2024年07月30日 498 觀看次數

PKfail Secure Boot bypass lets attackers install UEFI malware

Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.

Bleeping Computer 2024年07月26日 388 觀看次數

Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform

Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner.

The Hacker News 2024年07月26日 448 觀看次數

Docker fixes critical 5-year old authentication bypass flaw

Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under certain circumstances. [...]

Bleepingcomputer 2024年07月25日 355 觀看次數

Google Chrome now warns about risky password-protected archives

Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files. [...]

Bleepingcomputer 2024年07月25日 389 觀看次數

North Korean hacker got hired by US security vendor, immediately loaded malware

KnowBe4, which provides security awareness training, was fooled by stolen ID.

Ars Technica 2024年07月25日 286 觀看次數