相關新聞 | HKCERT

We're not Meta support: State AGs tell Zuck to fix rampant account takeover problem

'We refuse to operate as customer service representatives' A group of 41 US state attorneys general, tired of serving as a customer complaint clearinghouse for Facebook and Instagram users, have sent a letter to Meta asking it to figure out how to reduce a "dramatic...

The Register 2024年03月08日 182 觀看次數

Windows 10 KB5001716 update fails with 0x80070643 errors, how to fix

Microsoft is pushing out a Windows 10 KB5001716 update used to improve Windows Update that is ironically failing to install, showing 0x80070643 errors. [...]

Bleepingcomputer 2024年03月08日 153 觀看次數

Hacked WordPress sites use visitors' browsers to hack other sites

Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors' browsers to bruteforce passwords for other sites.

Bleeping Computer 2024年03月07日 159 觀看次數

VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion

VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system.

Bleeping Computer 2024年03月07日 150 觀看次數

Apple fixes two new iOS zero-days exploited in attacks on iPhones

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. [...]

Bleepingcomputer 2024年03月06日 155 觀看次數

American Express admits card data exposed and blames third party

Don't leave home without … IT security A security failure at a third-party vendor exposed an untold number of American Express card numbers, expiry dates, and other data to persons unknown.…

The Register 2024年03月05日 158 觀看次數

Hackers steal Windows NTLM authentication hashes in phishing attacks

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. [...]

Bleepingcomputer 2024年03月05日 150 觀看次數

CISA warns of Microsoft Streaming bug exploited in malware attacks

CISA ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their Windows systems against a high-severity vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that's actively exploited in attacks. [...]

Bleepingcomputer 2024年03月02日 154 觀看次數

Researchers Found a Zero-Click Facebook Account Takeover

The critical vulnerability in Facebook's password reset process involved a rate-limiting issue in a specific endpoint, which could be exploited to brute-force a nonce and gain access to a user's account.

Cyware News 2024年03月02日 105 觀看次數

Taiwan's Biggest Telco Breached by Suspected Chinese Hackers

Stolen data from Chunghwa Telecom — including government-related details — are up for sale on the Dark Web, the Taiwanese defense ministry confirms.

Dark Reading 2024年03月02日 166 觀看次數