相關新聞
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks.
The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, ...
The Hacker News
2024年02月01日 474 觀看次數
Ivanti warns of new Connect Secure zero-day exploited in attacks
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. [...]
Bleepingcomputer
2024年01月31日 377 觀看次數
Microsoft Teams phishing pushes DarkGate malware via group chats
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
Bleeping Computer
2024年01月31日 601 觀看次數
Online ransomware decryptor helps recover partially encrypted files
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption.
Bleeping Computer
2024年01月31日 624 觀看次數
Blackwood hackers hijack WPS Office update to install malware
A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.
Bleeping Computer
2024年01月26日 586 觀看次數
Hackers target WordPress database plugin active on 1 million sites
Malicious activity targeting a critical severity flaw in the ‘Better Search Replace’ WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours.
Bleeping Computer
2024年01月26日 470 觀看次數
iPhone apps abuse iOS push notifications to collect user data
Numerous iOS apps are using background processes triggered by push notifications to collect user data about devices, potentially allowing the creation of fingerprinting profiles used for tracking.
Bleeping Computer
2024年01月26日 561 觀看次數
Organizations need to switch gears in their approach to email security
Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware or ransomware attachments.
HelpNetSecurity
2024年01月26日 411 觀看次數
The dark side of 2023 Cybersecurity: Malware evolution and Cyber threats
In the ever-evolving cybersecurity landscape, 2023 witnessed a dramatic surge in the sophistication of cyber threats and malware. AT&T Cybersecurity Alien Labs reviewed the big events of 2023 and how malware morphed this year to try new ways to breach and wreak havoc.
Bleeping Computer
2024年01月26日 468 觀看次數
Over 5,300 GitLab servers exposed to zero-click account takeover attacks
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. [...]
Bleepingcomputer
2024年01月25日 496 觀看次數
