相關新聞 | HKCERT

PixPirate Android malware uses new tactic to hide on phones

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed.

Bleeping Computer 2024年03月14日 124 觀看次數

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs

Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. [...]

Bleepingcomputer 2024年03月13日 142 觀看次數

Microsoft says Windows 10 21H2 support is ending in June

Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. [...]

Bleepingcomputer 2024年03月12日 143 觀看次數

Researchers expose Microsoft SCCM misconfigs usable in cyberattacks

Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. [...]

Bleepingcomputer 2024年03月12日 137 觀看次數

Fake Leather wallet app on Apple App Store is a crypto drainer

The developers of the Leather cryptocurrency wallet are warning of a fake app on the Apple App Store, with users reporting it is a wallet drainer that stole their digital assets. [...]

Bleepingcomputer 2024年03月11日 109 觀看次數

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-...

The Hacker News 2024年03月11日 145 觀看次數

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. [...]

Bleepingcomputer 2024年03月10日 128 觀看次數

Canva Warns of Three Security Vulnerabilities in Fonts

The first, CVE-2023-45139, involved a high-severity bug in the FontTools library. The second and third vulnerabilities, CVE-2024-25081 and CVE-2024-25082, were related to naming conventions and compression.

Cyware News 2024年03月09日 105 觀看次數

AnyCubic fixes exploited 3D printer zero day flaw with new firmware

AnyCubic has released new Kobra 2 firmware to fix a zero-day vulnerability exploited last month to print security warnings on 3D printers worldwide. [...]

Bleepingcomputer 2024年03月08日 172 觀看次數

Switzerland: Play ransomware leaked 65,000 government documents

The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files. [...]

Bleepingcomputer 2024年03月08日 150 觀看次數