相關新聞 | HKCERT

TikTok fixes zero-day bug used to hijack high-profile accounts

Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature. [...]

Bleepingcomputer 2024年06月05日 621 觀看次數

361 million stolen accounts leaked on Telegram added to HIBP

A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised.

Bleeping Computer 2024年06月04日 1085 觀看次數

Microsoft India’s X account hijacked in Roaring Kitty crypto scam

The official Microsoft India account on Twitter, with over 211,000 followers, was hijacked by cryptocurrency scammers to impersonate Roaring Kitty, the handle used by notorious meme stock trader Keith Gill.

Bleeping Computer 2024年06月04日 568 觀看次數

AI platform Hugging Face says hackers stole auth tokens from Spaces

AI platform Hugging Face says that its Spaces platform was breached, allowing hackers to access authentication secrets for its members. [...]

Bleepingcomputer 2024年06月03日 462 觀看次數

Google Chrome change that weakens ad blockers begins June 3rd

Google is continuing with its plan to phase out Manifest V2 extensions in Chrome starting in early June 2024, weakening the abilities of ad blockers. [...]

Bleepingcomputer 2024年06月01日 390 觀看次數

Kaspersky releases free tool that scans Linux for known threats

Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free. [...]

Bleepingcomputer 2024年06月01日 354 觀看次數

Pirated Microsoft Office delivers malware cocktail on systems

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. [...]

Bleepingcomputer 2024年05月31日 605 觀看次數

Cybercriminals Abuse StackOverflow to Promote Malicious Python Package

Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a broader campaign. [...]

The Hacker News 2024年05月30日 517 觀看次數

US dismantles 911 S5 botnet used for cyberattacks, arrests admin

The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator, in Singapore. [...]

Bleepingcomputer 2024年05月30日 462 觀看次數

Exploit released for maximum severity Fortinet RCE bug, patch now

Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February.

Bleeping Computer 2024年05月29日 580 觀看次數