相關新聞 | HKCERT

LockBit ransomware returns to attacks with new encryptors, servers

The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption. [...]

Bleepingcomputer 2024年02月29日 131 觀看次數

Malicious AI models on Hugging Face backdoor users’ machines

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. [...]

Bleepingcomputer 2024年02月29日 138 觀看次數

Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks

The Black Basta and Bl00dy ransomware gangs have joined widespread attacks targeting ScreenConnect servers unpatched against a maximum severity authentication bypass vulnerability.

Bleeping Computer 2024年02月28日 131 觀看次數

New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

Cybersecurity researchers have found that it's possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks.

The Hacker News 2024年02月28日 178 觀看次數

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least...

The Hacker News 2024年02月26日 174 觀看次數

LockBit ransomware returns, restores servers after police disruption

The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector. [...]

Bleepingcomputer 2024年02月26日 158 觀看次數

North Korean Hackers Targeting Developers with Malicious npm Packages

A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login...

The Hacker News 2024年02月26日 153 觀看次數

Ransomware associated with LockBit still spreading 2 days after server takedown

Two days after an international team of authorities struck a major blow at LockBit, one of the Internet’s most prolific ransomware syndicates, researchers have detected a new round of attacks that are installing malware associated with the group. [...]

Ars Technica 2024年02月23日 170 觀看次數

ScreenConnect critical bug now under attack as exploit code emerges

Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.

Bleeping Computer 2024年02月22日 165 觀看次數

VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched.

Bleeping Computer 2024年02月22日 150 觀看次數