相關新聞
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. [...]
Bleepingcomputer
2024年09月19日 55 觀看次數
Hackers Target Selenium Grid Servers for Proxyjacking and Cryptomining Attacks
Threat actors are infecting publicly exposed Selenium Grid servers to utilize victims' internet bandwidth for cryptomining, proxyjacking, and potentially more harmful activities.
Cyware News
2024年09月16日 69 觀看次數
Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. [...]
Bleepingcomputer
2024年09月16日 73 觀看次數
'Hadooken' Malware Targets Oracle's WebLogic Servers
A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." [...]
Dark Reading
2024年09月13日 110 觀看次數
New Vo1d malware infects 1.3 million Android TV streaming boxes
Threat actors have infected over 1.3 million Android TV streaming boxes with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. [...]
Bleepingcomputer
2024年09月13日 206 觀看次數
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub.
Bleeping Computer
2024年09月11日 91 觀看次數
Ivanti fixes maximum severity RCE bug in Endpoint Management software
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server.
Bleeping Computer
2024年09月11日 88 觀看次數
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to disable endpoint detection and response (EDR) services on target systems.
Bleeping Computer
2024年09月11日 63 觀看次數
Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant
The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.
Dark Reading
2024年09月04日 277 觀看次數
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities...
The Hacker News
2024年09月02日 119 觀看次數