相關新聞 | HKCERT

New Spectre v2 attack impacts Linux systems on Intel CPUs

Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors. [...]

Bleepingcomputer 2024年04月11日 117 觀看次數

Notepad++ wants your help in "parasite website" shutdown

The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. There is some concern that it could pose security threats—for example, if it starts...

Bleepingcomputer 2024年04月08日 92 觀看次數

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "...

The Hacker News 2024年04月06日 117 觀看次數

Over 92,000 exposed D-Link NAS devices have a backdoor account

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models. [...]

Bleepingcomputer 2024年04月06日 85 觀看次數

Hosting firm's VMware ESXi servers hit by new SEXi ransomware

Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups.

Bleeping Computer 2024年04月05日 115 觀看次數

New HTTP/2 DoS attack can crash web servers with a single connection

Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.

Bleeping Computer 2024年04月05日 84 觀看次數

Parental control app exposes live GPS locations of kids on internet

KidSecurity, a popular parental control app, has leaked sensitive information about children for the second time, this time exposing GPS locations and private messages on minors’ devices.

CyberNews 2024年04月05日 118 觀看次數

Google agrees to delete Chrome browsing data of 136 million users

Google has agreed to delete billions of data records collected from 136 million Chrome users in the United States, as part of a lawsuit settlement regarding alleged undisclosed browser data collection while in Incognito mode. [...]

Bleepingcomputer 2024年04月03日 114 觀看次數

Microsoft warns Gmail blocks some Outlook email as spam, shares fix

Microsoft has confirmed that some Outlook.com users are experiencing issues with emails being blocked and marked as spam when trying to email Gmail accounts. [...]

Bleepingcomputer 2024年04月03日 98 觀看次數

New Chrome feature aims to stop hackers from using stolen cookies

Google announced a new Chrome security feature called 'Device Bound Session Credentials' that ties cookies to a specific device, blocking hackers from stealing and using them to hijack users' accounts. [...]

Bleepingcomputer 2024年04月03日 101 觀看次數