相關新聞 | HKCERT

CISA warns orgs to switch to Exchange Online Modern Auth until October

CISA has urged government agencies and private sector organizations using Microsoft's Exchange cloud email platform to expedite the switch from Basic Authentication legacy authentication methods without multifactor authentication (MFA) support to Modern Authentication alternatives.

Bleepingcomputer 2022年06月30日 109 觀看次數

New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators

Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies.

The Hacker News 2022年06月30日 100 觀看次數

FBI: Stolen PII and deepfakes used to apply for remote tech jobs

The Federal Bureau of Investigation (FBI) warns of increasing complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions. [...]

Bleepingcomputer 2022年06月29日 101 觀看次數

Microsoft 365 now prevents data leaks with new session timeouts

Microsoft announced today the general availability of tenant-wide idle session timeout for Microsoft 365 web apps to protect confidential data on shared or non-company devices left unattended. [...]

Bleepingcomputer 2022年06月29日 103 觀看次數

Italy Data Protection Authority Warns Websites Against Use of Google Analytics

Following the footsteps of Austria and France, the Italian Data Protection Authority has become the latest regulator to find the use of Google Analytics to be non-compliant with E.U. data protection regulations.

The Hacker News 2022年06月28日 112 觀看次數

Microsoft will fix Windows RRAS, VPN issues for all users in July

Microsoft has finally confirmed Internet connectivity issues affecting servers with Routing and Remote Access Service (RRAS) enabled after installing Windows updates released as part of this month's Patch Tuesday.

The Hacker News 2022年06月28日 99 觀看次數

Clever phishing method bypasses MFA using Microsoft WebView2 apps

A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. [...]

Bleepingcomputer 2022年06月26日 108 觀看次數

Fake copyright infringement emails install LockBit ransomware

LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. [...]

Bleepingcomputer 2022年06月26日 96 觀看次數

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's...

The Hacker News 2022年06月25日 84 觀看次數

NSA shares tips on securing Windows devices with PowerShell

The National Security Agency (NSA) and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. [...]

Bleepingcomputer 2022年06月24日 123 觀看次數