Few Zoom hacks selling in the black market right now

There are a few Zoom hacks selling in the black market right now. That means the hacker can buy the hacks and hack people directly and spy on camera (not just when you are using Zoom), monitor the target computer or even stealing passwords from victims. Related news:https://threatpost.com/alleged-zoom-zero-days-for-window…/…/ #StormEye#Zoom#Hack About cybersecurity service:http://stormeye.io/cybersecurity-service/

Cybersecurity warning and initial review of undisclosed critical Microsoft Windows vulnerability CVE-2020-0796 11 March 2020 Details

Details  Microsoft has recently (10 March 2020) leaked the information of the upcoming SMBv3 patch. The CVE tracking is CVE-2020-0796. We observed that the vulnerability is in SMB3.1.1, which affects only Windows 10 and Windows Server 2016 or maybe other newer versions. The affected list should be related to the link https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005. #microsoft #windows #Cybersecurity…

Cybersecurity Alert Undisclosed critical Microsoft Windows vulnerability CVE-2020-0796 11 March 2020

Executive Summary Microsoft has recently (10 March 2020) leaked the information of the upcoming patch, which affects only Windows 10 and Windows Server 2016 or maybe other newer versions. This vulnerability affects Windows 10 and potential Windows Server 2016 and Windows Server 2019. It allows malicious users or hackers to enter the vulnerable servers and…

Investigation of fake “secret investment” Facebook advertisements

StormEye carried out an investigation into the case a stolen identity of Mr. Alan Tam, a Hong Kong celebrity, whose name has been used to promote in fake “secret investment” Facebook advertisements. This investigation gives in-depth technical analysis and provides an understanding of how maladvertising campaign run behind the scene. Using multiple angles and methodologies,…

Stormeye 資安週報 (5/5/2019 ~ 11/5/2019)

以色列Israel Defense Forces (IDF) 發射導彈炸毀黑客建築物以色列政府的軍方部隊 Israel Defense Forces (IDF) 日前發射導彈炸毀有指是哈馬斯黑客份子 (Hamas cyber operatives)基地的建築物,並宣稱成功停止黑客入侵及瓦解該黑客組織。此事有指為世界第一個開打網路戰的第一彈,但同時被質疑軍方消息是否可靠及是否確定黑客份子正處於該建築物而非使用被入侵並用作跳板的受害者電腦。 WordPress 插件 WPGraphQL 發現有嚴重漏洞受影響軟件: WPGraphQL, WordPress plugin受影響版本: 0.2.3WordPress 插件 WPGraphQL 被發現有不需要經過授權能執行管理員指令,可導致黑客全權接管網站,建議馬上更新插件到最新版並檢查網站日誌和可疑行為。 WordPress 正式發佈 5.2 版本 加強安全性及自動更新新版本Wordpress 正式發佈,此版本將加上自動更新功能,為Wordpress網站自動更新到最新版本以防止有任何因為未更新Wordpress而帶來的危機。為保障此自動更新功能的可靠性,Wordpress官方亦加上加密功能去確保更新伺服器回傳的檔案並未有被修改。同時官方亦簡介一下在5.3或5.4版本中會加入插件自動更新功能及Code signing,以確保插件安全。 Biance 幣安 再次被駭 盜走7,000枚比特幣(Bitcoin)相關交易資料: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05eaBiance 幣安 宣佈 8May2019 發現一起黑客入侵,黑客疑似在入侵前已獲取了大量使用者的API密鑰及個人資料,同時亦能繞過雙重認證檢查,估計是一起帶針對性的釣魚攻擊。事件中有7,000 枚比特幣(Bitcoin)被盜並被分散到40 個不同的電子錢包,相信受害者亦無法取回金額。 #IDF #Israel #以色列 #WPGraphQL #wordpress #bitcoin