IT 新聞


New PetitPotam attack allows take over of Windows domains

A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain.

Fake Windows 11 installers now used to infect you with malware

Scammers are already taking advantage of the hype surrounding Microsoft's next Windows release to push fake Windows 11 installers riddled with malware, adware, and other malicious tools.

MacOS malware steals Telegram accounts, Google Chrome data

Security researchers have published details about the method used by a strain of macOS malware to steal login information from multiple apps, enabling its operators to steal accounts.

The Week in Ransomware - July 23rd 2021 - Kaseya decrypted

This week has quite a bit of news ranging from the USA formally accusing China of the recent ProxyLogon vulnerability and Kaseya mysteriously obtaining the universal decryption key.

Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots

Apple has rolled out iOS 14.7 earlier this week with security updates to address dozens of iOS and macOS vulnerabilities, including a severe iOS bug dubbed WiFiDemon that could lead to denial of service or arbitrary code execution.

Microsoft backtracks on Windows 11 using dark mode by default

During the Inspire event, Microsoft announced that it would ship commercial Windows 11 SKUs in dark mode by default to support remote work. A week later, the company is backtracking on this decision.

Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows

Threat actors are abusing misconfigured Argo Workflows instances to deploy cryptocurrency miners on Kubernetes (K8s) clusters.

Twitter reveals surprisingly low two-factor auth (2FA) adoption rate

Twitter has revealed in its latest transparency report that only 2.3% of all active accounts have enabled at least one method of two-factor authentication (2FA) between July and December 2020.

Major news sites serve porn after vid.me domain takeover

Major news sites including The Washington Post, New York Magazine, and HuffPost, saw their stories now displaying porn videos instead of the once-embedded intended ones. The fiasco happened as prominent websites relied on the now-defunct domain vid.me to embed streaming videos in their articles.

Windows 11 update improves taskbar, Microsoft Store and more

Microsoft has released a new build 22000.100 to Windows 11 Insiders in the Dev channel of the Windows Insider program.

分享此頁面