'Payroll pirate' hackers diverting salary payments from university employees, Microsoft says 网络犯罪分子通过钓鱼邮件入侵Workday等第三方平台，试图转移员工薪水至自己的账户。自2025年3月以来，已成功入侵11个账户并发送近6000封钓鱼邮件。攻击者利用恶意链接窃取多因素认证码，并删除警告邮件以掩盖行踪。此类攻击属于商业电邮诈骗（BEC），过去几年已造成数亿美元损失。... 2025-10-9 17:31:6 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media phishing workday microsoft classroom

Renewal of cyber information-sharing law must mind the gap, senator says 美国参议员Gary Peters提出法案延长《网络安全信息共享法》十年，并包含追溯条款保护企业免受法律追究。法案旨在确保持续获取实时威胁信息以应对网络攻击，同时缓解行业对法律不确定性的担忧。... 2025-10-9 17:1:3 | 阅读: 15 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media peters security senate bill

Discord says 70,000 users had government IDs exposed in third-party breach 社交平台Discord约7万名用户的政府ID被盗，原因是第三方客服提供商遭攻击；公司称数据泄露规模被夸大，并已联系受影响用户并采取措施应对。... 2025-10-9 16:30:59 | 阅读: 7 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media claims cloud exchanged

California enacts law giving consumers ability to universally opt out of data sharing 加利福尼亚州长签署新法,要求浏览器简化用户选择退出第三方数据销售的流程,并新增多项数据隐私保护措施。... 2025-10-8 21:0:59 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media bill california wednesday newsom

Major US law firm says hackers broke into attorneys’ emails accounts 一家美国律师事务所遭零日攻击，怀疑是国家支持的黑客所为，可能来自中国。攻击目标为法律界和国家安全信息，FBI正在调查。... 2025-10-8 16:45:56 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media firm connolly williams nation suspected

China-linked hackers target Asian organizations with Nezha monitoring tool Researchers found evidence that suspected China-based actors used a monitoring tool called Nezha du... 2025-10-8 16:15:59 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media nezha huntress minton monitoring victim

Germany will not support 'Chat Control' message scanning in the EU 德国官员表示将投票反对欧盟允许扫描私人消息的提案，认为随机监控违反宪法原则。该提案旨在通过“聊天控制”保护儿童，但引发隐私担忧。Signal基金会警告此举将导致大规模监控。... 2025-10-8 14:16:10 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media hubig remarks proposals measure officials

Russian hackers turn to AI as old tactics fail, Ukrainian CERT says 俄罗斯黑客在针对乌克兰的网络攻击中不断采用人工智能和新战术。自2022年入侵以来，攻击数量上升但高影响事件减少。黑客利用AI生成恶意软件，并转向短期、快速的攻击模式。同时，他们利用零点击漏洞和协同导弹攻击以增强破坏力。... 2025-10-8 14:1:5 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media ukraine russia attackers

Russia is at ‘hybrid war’ with Europe, warns EU chief, calling for members ‘to take it very seriously’ 俄罗斯对欧洲实施网络攻击、破坏和挑衅行为，构成混合战争威胁。冯德莱恩指出这些行为有计划且不断升级，要求欧洲加强应对能力。... 2025-10-8 13:16:0 | 阅读: 12 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media european russia von leyen drones

Cybercrime crew claims attack on Japanese brewer as it restarts operations 俄语勒索软件团伙Qilin声称对日本饮料巨头朝日啤酒的网络攻击负责，导致其运营中断数日，生产暂停并推迟产品发布。黑客窃取了财务记录、员工数据等，并在泄密网站上发布截图。该团伙以勒索软件即服务模式运营，曾多次攻击医院、政府机构等目标。... 2025-10-8 12:31:5 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media asahi ransomware qilin forcing beverage

Teenagers arrested in England over cyberattack on nursery chain Kido 两名17岁男孩因涉嫌针对英国早教连锁机构Kido的网络攻击和勒索被捕。黑客试图通过发布儿童照片及家长信息勒索比特币，引发网络安全界强烈谴责。警方正在调查此案，并强调将继续追查责任人以维护正义。... 2025-10-8 12:15:56 | 阅读: 30 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media extortion ransomware carers hull

Police searched national network of automatic license plate reading cameras in abortion investigation A Texas woman was tracked via license plate cameras after aborting her pregnancy. Sheriff Adam King claimed the surveillance was due to family safety concerns, but new documents show the investigation began two weeks post-abortion, contradicting his claims. Privacy experts highlight how law enforcement and tech companies can monitor individuals without consent, potentially violating privacy laws.... 2025-10-7 17:15:52 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media flock abortion cameras woman network

Russia blocks mobile internet for foreign SIM cards, citing drone threats 俄罗斯实施新规：外国 SIM 卡用户入境后 24 小时内无法使用移动互联网及短信服务。此举旨在加强通信控制并以反制无人机为由。获得当地 SIM 卡需繁琐流程且面临供应紧张问题。新政策加剧了国内频繁发生的网络中断现象，并对跨境业务及旅行者造成显著影响。... 2025-10-7 14:46:12 | 阅读: 13 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media russia drones ukraine security officials

Discord says sensitive info stolen during cyberattack on customer service provider Discord警告用户称，近期一起针对其第三方客服提供商的网络攻击泄露了部分用户的敏感信息。受影响用户包括曾与Discord客服或安全团队沟通的人士。泄露数据包括姓名、用户名、邮箱、IP地址、聊天记录及部分用户的政府ID图像等。Discord已采取措施应对，并联系相关数据保护机构进行调查和修复。... 2025-10-7 12:46:0 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media engaging stole ticketing digits

Jaguar Land Rover to restart production following cyberattack 捷豹路虎在遭受网络攻击导致全球停产后逐步恢复生产，并推出融资计划帮助供应商缓解资金困难。英国政府提供贷款支持引发批评，同时强调经济安全威胁及对就业保护的重要性。... 2025-10-7 12:1:6 | 阅读: 21 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media jlr british kyle financing security

Medusa ransomware used during exploitation of GoAnywhere file transfer bug, Microsoft says 网络犯罪分子利用Medusa勒索软件和文件传输工具漏洞攻击多个组织。微软报告指出该漏洞被Storm-1175团伙利用，并导致横向移动和恶意软件部署。CISA已确认并要求修复，Fortra未回应是否被利用，Medusa已影响300多组织。... 2025-10-6 20:45:52 | 阅读: 18 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media fortra medusa ransomware exploited

FBI, UK Gov’t urge orgs to patch Oracle E-Business vuln after alleged Clop campaign 文章描述了Oracle发布安全警报，警告一个被广泛利用的高危漏洞CVE-2025-61882影响其E-Business Suite系统。该漏洞评分为9.8分，可远程无凭证利用。FBI助理局长强调需立即修复，并指出暴露在互联网上的系统风险极高。英国和新加坡也发布类似警告。CISA要求联邦机构于10月28日前完成修复。同时，犯罪团伙Clop正利用此漏洞进行勒索攻击。... 2025-10-6 19:1:4 | 阅读: 19 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media exploited security 61882

New malware leverages WhatsApp to target Brazilian government and businesses 黑客利用WhatsApp平台传播恶意软件Sorvepotel，在巴西针对Windows电脑发起攻击。该恶意软件通过伪装成合法文档的钓鱼信息传播，并能劫持WhatsApp Web会话向所有联系人发送感染文件。其主要目标是分发更多恶意软件以窃取银行信息等敏感数据。... 2025-10-6 17:15:52 | 阅读: 10 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media brazil sorvepotel ukraine phishing spreading

Signal calls on Germany to vote against ‘Chat Control,’ saying it would leave EU market Signal因拒绝遵守欧盟"聊天控制"法规而退出市场。该法规要求扫描所有消息和文件以防止滥用内容。Signal认为这会破坏隐私和国家安全。... 2025-10-6 15:30:54 | 阅读: 8 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media whittaker officials reporter friday

Suspected Chinese cyber spies targeted Serbian aviation agency 一项疑似中国关联的网络间谍活动针对塞尔维亚航空管理部门及其他欧洲机构展开，通过钓鱼邮件引导受害者访问伪造的Cloudflare页面并投放恶意软件Sogu、PlugX和Korplug。这些工具常与中国的国家支持黑客有关。... 2025-10-6 14:31:11 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media plugx european strikeready espionage serbian