相關新聞 | HKCERT

MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud.

Dark Reading 2023年08月31日 4 觀看次數

WordPress migration add-on flaw could lead to data breaches

All-in-One WP Migration, a popular data migration plugin for WordPress sites that has 5 million active installations, suffers from unauthenticated access token manipulation that could allow attackers to access sensitive site information. [...]

Bleepingcomputer 2023年08月31日 112 觀看次數

6 Ways AI Can Revolutionize Digital Forensics

Artificial intelligence tools can automate the analysis of logs, video, and other important but tedious aspects of investigations.

Dark Reading 2023年08月30日 127 觀看次數

Apple security boss faces iPads-for-gun-permits bribery charge... again

'We will continue fighting this case' global chief's lawyer tells us An appeals court has reversed a 2021 decision to drop a bribery charge against Apple's head of global security, who is accused of donating iPads worth up to $80,...

The Register 2023年08月30日 118 觀看次數

DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates

"The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom Security said in a report published last week.

Cyware News 2023年08月30日 0 觀看次數

How the FBI nuked Qakbot malware from infected Windows PCs

The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices. [...]

Bleepingcomputer 2023年08月30日 112 觀看次數

Attacks on Citrix NetScaler systems linked to ransomware actor

A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks.

Bleeping Computer 2023年08月29日 111 觀看次數

Exploit released for Juniper firewall bugs allowing RCE attacks

Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers to gain remote code execution in Juniper's JunOS on unpatched devices.

Bleeping Computer 2023年08月29日 154 觀看次數

Google debuts Duet AI to tackle new cybersecurity challenges in the cloud

The use of AI in modern defense has dominated the Google Next security discussion. The tech giant has introduced new solutions capitalizing on AI to fend off cyberattackers.

ZDnet 2023年08月29日 0 觀看次數

Hackers exploit critical Juniper RCE bug chain after PoC release

Hackers have started using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface. [...]

Bleepingcomputer 2023年08月29日 0 觀看次數