相關新聞 | HKCERT

BreachForums v1 database leak is an OPSEC test for hackers

The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove of data, including members' information, private messages, cryptocurrency addresses, and every post on the forum. [...]

Bleepingcomputer 2024年07月24日 363 觀看次數

CrowdStrike: 'Content Validator' bug let faulty update pass checks

CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024. [...]

Bleepingcomputer 2024年07月24日 324 觀看次數

Goodbye? Attackers Can Bypass 'Windows Hello' Strong Authentication

Accenture researcher undercut WHfB's default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.

Dark Reading 2024年07月24日 510 觀看次數

Likely eCrime Actor Uses Filenames Capitalizing on July 19, 2024, Falcon Sensor Content Issues in Operation Targeting LATAM-Based CrowdStrike Customers

On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon® sensor impacting Windows operating systems was identified, and a fix was deployed. [...]

CrowdStrike 2024年07月24日 436 觀看次數

Lumma Stealer Packed with CypherIt Distributed Using Falcon Sensor Update Phishing Lure

On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365[.]com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt...

CrowdStrike 2024年07月24日 568 觀看次數

Threat Actor Distributes Python-Based Information Stealer Using a Fake Falcon Sensor Update Lure

On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. [...]

CrowdStrike 2024年07月24日 452 觀看次數

Cybercriminals Exploit CrowdStrike Outage Chaos

Cybercriminals are leveraging the ongoing mass global IT outage to launch phishing campaigns, according to reports. [...]

CrowdStrike 2024年07月23日 438 觀看次數

Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer

On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal. [...]

CrowdStrike 2024年07月23日 471 觀看次數

Fake CrowdStrike fixes target companies with malware, data wipers

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools.

Bleeping Computer 2024年07月22日 612 觀看次數

Falcon Sensor Content Issue from July 19, 2024, Likely Used to Target CrowdStrike Customers

On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon® sensor impacting Windows operating systems was identified, and a fix was deployed.

CrowdStrike 2024年07月22日 460 觀看次數