相關新聞 | HKCERT

Google Chrome to warn when installed extensions are malware

Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware. [...]

Bleepingcomputer 2023年08月21日 518 觀看次數

WinRAR Flaw Lets Hackers Run Programs When You Open RAR Archives

A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

Cyware News 2023年08月19日 683 觀看次數

Microsoft AI suggests food bank as a “cannot miss” tourist spot in Canada

AI-penned Microsoft Travel article recommends food bank as a must-see destination. [...]

Ars Technica 2023年08月18日 470 觀看次數

Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks

Lax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks. [...]

Bleepingcomputer 2023年08月18日 598 觀看次數

Phishing campaign steals accounts for Zimbra email servers worlwide

An ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration email servers worldwide. [...]

Bleepingcomputer 2023年08月18日 931 觀看次數

Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn

Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months.

The Hacker News 2023年08月16日 763 觀看次數

Ivanti Avalanche impacted by critical pre-auth stack buffer overflows

Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range of mobile devices.

Bleeping Computer 2023年08月16日 522 觀看次數

LinkedIn accounts hacked in widespread hijacking campaign

LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons or ultimately hijacked by attackers.

Bleepingcomputer 2023年08月16日 584 觀看次數

New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices

Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.

Bleeping Computer 2023年08月16日 511 觀看次數

FBI warns of increasing cryptocurrency recovery scams

The FBI is warning of an increase in scammers pretending to be recovery companies that can help victims of cryptocurrency investment scams recover lost assets. [...]

Bleepingcomputer 2023年08月15日 863 觀看次數