Aggregator

星光璀璨,可会再明?我用三星的这些年

不安全
2 days 2 hours ago
文章讲述了作者从 iPhone 转投三星阵营的经历,回顾了 S10e、S20 等机型的使用体验,并表达了对三星手机曾经辉煌的怀念与近年来产品力下滑的感慨。尽管对 Galaxy 的未来持悲观态度,但作者仍对其设计与功能保持一定热爱。

Signed Drivers Fueling Kernel Attacks: 620+ Malicious Drivers & 80+ Compromised Certs Target Windows

Penetration Testing Tools - Metepreter.org
2 days 2 hours ago

Malicious actors are increasingly leveraging digitally signed drivers to carry out stealthy attacks on the Windows kernel, circumventing standard security mechanisms and enhancing their ability to remain undetected. Despite the presence of safeguards such...

The post Signed Drivers Fueling Kernel Attacks: 620+ Malicious Drivers & 80+ Compromised Certs Target Windows appeared first on Penetration Testing Tools.

ddos

Ransomware War Ignites: DragonForce & RansomHub Clash Threatens Businesses with Re-Extortion

Penetration Testing Tools - Metepreter.org
2 days 2 hours ago

The hacker collective known as DragonForce, responsible for a series of high-profile cyberattacks targeting British retail giants such as Marks & Spencer, Harrods, and Co-Op, has now ignited an all-out confrontation with the rival...

The post Ransomware War Ignites: DragonForce & RansomHub Clash Threatens Businesses with Re-Extortion appeared first on Penetration Testing Tools.

ddos

比特币 ATM 上市公司迟报数据泄露,超 2.6 万人敏感信息遭窃

HackerNews
2 days 2 hours ago
HackerNews 编译,转载请注明出处: 比特币ATM上市公司Bitcoin Depot近日向数千名用户发出通知,其敏感数据(含驾照号码)可能已遭窃取。该泄露事件发生于一年前,但受害者直至近期才收到通知函。 自2025年7月8日起,26,732名消费者将陆续收到Bitcoin Depot关于此次数据泄露的函件。根据向缅因州总检察长办公室提交的文件,入侵事件实际发生于2024年6月23日。公司解释称,联邦执法部门要求其等待调查完成后再向受影响用户发送通知。近一年后的2025年6月13日,当局最终批准通知程序。 在致受影响用户的声明中,Bitcoin Depot表示:“公司监测到信息系统异常活动后立即启动调查,并聘请第三方事件响应专家协助评估未授权行为的范围”。入侵者获取了部分客户文件中的个人信息,包括姓名、电话号码、驾照号码,部分案例还涉及物理地址、出生日期及电子邮箱。 Bitcoin Depot对事件表示歉意,并强调高度重视数据安全,已采取“强化安全措施与监控、提升全员数据保护意识”等手段防止事件重演。公司同时建议用户监控金融账户流水与信用报告,警惕可疑交易。 Bitcoin Depot作为市值约3.8亿美元的上市公司,运营着数千台比特币ATM及实体兑换站点。       消息来源:cybernews; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

AI Coding Assistants Under Attack: “Slopsquatting” Malware Exploits AI Hallucinations for Supply Chain Compromise

Penetration Testing Tools - Metepreter.org
2 days 2 hours ago

A new threat has emerged in the realm of AI-assisted programming, known as “slopsquatting.” This attack has become particularly dangerous amid the surging popularity of AI coding assistants like Claude Code CLI, OpenAI Codex...

The post AI Coding Assistants Under Attack: “Slopsquatting” Malware Exploits AI Hallucinations for Supply Chain Compromise appeared first on Penetration Testing Tools.

ddos

Shellter Tool Abused by Hackers: Developers Slam Elastic for “Negligent” Disclosure

Penetration Testing Tools - Metepreter.org
2 days 2 hours ago

The development team behind the Shellter tool—a utility designed to evade antivirus and EDR detection—has confirmed that their product has fallen into the hands of malicious actors. At the same time, they have accused...

The post Shellter Tool Abused by Hackers: Developers Slam Elastic for “Negligent” Disclosure appeared first on Penetration Testing Tools.

ddos

Brazil Bank Heist: Insider Bribery Leads to $140M Theft from 6 Banks Via C&M Fintech Firm

Penetration Testing Tools - Metepreter.org
2 days 2 hours ago

Hackers have stolen nearly $140 million from six Brazilian banks by exploiting the credentials of an employee at C&M, a company responsible for maintaining financial connectivity between commercial banks and the Central Bank of...

The post Brazil Bank Heist: Insider Bribery Leads to $140M Theft from 6 Banks Via C&M Fintech Firm appeared first on Penetration Testing Tools.

ddos

SEO Poisoning Campaign Targets IT Pros: Fake PuTTY & WinSCP Sites Deliver “Oyster” Backdoor

Penetration Testing Tools - Metepreter.org
2 days 3 hours ago

Cybersecurity experts at Arctic Wolf have identified a fresh wave of attacks employing SEO poisoning techniques, aimed at distributing a well-known malware loader called Oyster—also referred to as Broomstick or CleanUpLoader. Threat actors are...

The post SEO Poisoning Campaign Targets IT Pros: Fake PuTTY & WinSCP Sites Deliver “Oyster” Backdoor appeared first on Penetration Testing Tools.

ddos

Anatsa 银行木马卷土重来,锁定北美银行客户

HackerNews
2 days 3 hours ago
HackerNews 编译,转载请注明出处: 网络安全研究人员确认,长期活跃的Android银行木马Anatsa近期针对北美金融机构和银行应用用户发起新攻击。荷兰网络安全公司ThreatFabric追踪显示,这至少是该恶意软件第三次瞄准美国与加拿大的移动银行用户。Anatsa具备窃取银行凭证、记录键盘输入及通过远程控制工具在受感染设备上直接实施欺诈交易的能力。 攻击活动通常始于开发者向应用商店上传看似合法的Android应用(如PDF阅读器或手机清理工具),这些应用在积累数万次下载前功能正常。随后通过更新注入恶意代码,将Anatsa作为独立程序安装到设备,并根据攻击目标执行不同恶意操作。本次攻击中,恶意代码潜伏于某款文件阅读器应用,在其发布约六周后(6月24日至30日期间)通过更新推送。该应用下架前在美国Play商店免费工具榜排名前列,累计下载量超5万次。 应用安全公司Cequence首席信息安全官Randolph Barr指出,这种两阶段攻击模式具有典型性:“即使资深用户亦可能疏忽,因初始应用表现正常。”虽然黑客如何推广应用以实现广泛传播尚未明确,且被盗数据具体用途仍不清晰(可能用于勒索攻击或暗网交易),但值得关注的是此次攻击目标清单显著扩展,覆盖了更广泛的美国移动银行应用。 银行木马作为窃取金融信息的常见犯罪工具,常导致未经授权的转账、账户接管及用户重大财产损失。Barr预测未来可能出现更复杂的攻击变种:“包括针对特定银行或地区的AI个性化恶意覆盖界面、安装后实时下载的模块化载荷、通过屏幕覆盖或令牌窃取绕过MFA多因素认证,以及更隐蔽的无障碍服务滥用与会话劫持。” 本月初,ThreatFabric还发现新型Android银行木马Crocodilus正在欧洲、南美及亚洲部分地区扩散。其最新变种能在受害者通讯录插入伪造联系人,使攻击者可伪装成银行客服等可信来源实施诈骗通话,潜在规避欺诈监测系统对陌生号码的警报机制。       消息来源:cybernews; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Urgent Citrix Bleed 2 (CVE-2025-5777, CVSS 9.3) Actively Exploited: MFA Bypass & Session Hijacking Threaten Enterprises

Penetration Testing Tools - Metepreter.org
2 days 3 hours ago

Security researchers have unveiled functional exploits targeting a critical vulnerability in Citrix NetScaler ADC and Gateway devices. Designated CVE-2025-5777, the flaw has been informally dubbed CitrixBleed2 — a pointed reference to the similarly severe...

The post Urgent Citrix Bleed 2 (CVE-2025-5777, CVSS 9.3) Actively Exploited: MFA Bypass & Session Hijacking Threaten Enterprises appeared first on Penetration Testing Tools.

ddos

Linux Boot Flaw (CVE-2016-4484): Secure Boot & Disk Encryption Bypassed, Persistent Malware Possible

Penetration Testing Tools - Metepreter.org
2 days 3 hours ago

Alexander Mogh, a security researcher at ERNW, has uncovered a critical vulnerability in the boot mechanisms of modern Linux distributions, including Ubuntu 25.04 and Fedora 42. Despite full disk encryption, Secure Boot, and password-protected...

The post Linux Boot Flaw (CVE-2016-4484): Secure Boot & Disk Encryption Bypassed, Persistent Malware Possible appeared first on Penetration Testing Tools.

ddos

伊朗勒索组织加码悬赏:袭击美以目标奖金翻倍

HackerNews
2 days 3 hours ago
HackerNews 编译,转载请注明出处: 网络安全研究人员指出,伊朗勒索软件团伙Pay2Key.I2P在中东紧张局势升级之际扩大行动规模,承诺向针对以色列和美国的网络攻击参与者提供更高比例的分成。该组织被认为是原Pay2Key行动的后继者,而Pay2Key已被证实与伊朗国家支持的“狐狸猫”(Fox Kitten)黑客组织有关联——该组织曾实施针对以色列和美国机构的网络间谍活动。 网络安全公司Morphisec最新报告显示,Pay2Key.I2P采用勒索软件即服务(RaaS)模式运营,宣称过去四个月已获取超过400万美元赎金。自今年6月以来,该组织将对伊朗敌对国实施攻击的附属团伙分成比例从70%提升至80%。该组织在暗网论坛发布的声明中宣称:“我们的伊朗兄弟正遭受军事侵略,我们愿为任何攻击伊朗敌人者提供最优厚分成比例。” Morphisec分析认为该组织兼具牟利与意识形态动机,目前正试图在俄语黑客论坛招募成员。研究显示Pay2Key.I2P与Mimic勒索软件运营商存在合作,而Mimic使用了已解散的Conti团伙泄露的代码——Conti曾因公开支持俄罗斯入侵乌克兰导致其工具代码被公开。 尽管Pay2Key.I2P宣称截至6月下旬其附属团伙已成功实施50余次攻击,但具体针对以色列和美国机构的攻击数量尚不明确。此次行动正值美国官员警告伊朗可能发动报复性网络攻击之际。去年美国情报机构曾指出,德黑兰当局正协调勒索软件团伙针对美国、以色列、阿塞拜疆和阿联酋的实体实施攻击,并明确将“狐狸猫”列为关键威胁行为者。       消息来源:therecord; 本文由 HackerNews.cc 翻译整理,封面来源于网络; 转载请注明“转自 HackerNews.cc”并附上原文
hackernews

Managed ad