TopSOC Information Security Limited

To address this SonicWall issue, patch and disable the WAN access for management asap.

https://www-bleepingcomputer-com.cdn.ampproject.org/c/s/www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-access-control-flaw-in-sonicos/amp/

www-bleepingcomputer-com.cdn.ampproject.org

PA VPN users needs to take this into account
https://www.darkreading.com/threat-intelligence/cyberattackers-spoof-palo-alto-vpns-to-spread-wikiloader-variant

Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.

Forigate user needs to take action ASAP against this 0Day problem.
https://mp.weixin.qq.com/s/zgSpmQ-2I5vIUP_FsBsLDw

mp.weixin.qq.com

CISP 注册信息安全专业人员 為"中国信息安全测评中心"發出的權威認證。現正線上開班。CISP也是香港人才清單資深網絡安全專家其中一認證。

有意請聯絡：
香港： +852 59659228 或WhatsApp 關小姐
澳門：+853 28837877 或 WeChat (topsoceducation)

Send a message to learn more

Online shop companies should check if they are running Magento which is vulnerability for attack.

For online buyer, it seems you are not be able to detect the problem. Therefore, use a smaller amount credit card for online shopping and keep you eyes on your credit card transactions are the ways to reduce the risk.

https://www.malwarebytes.com/blog/news/2024/08/hundreds-of-online-stores-hacked-in-new-campaign

$topsoc

Hundreds of online stores hacked in new campaign | Malwarebytes Whenever you shop online and enter your payment details, you could be at risk of being a victim of fraud. Digital...

Windows server 要盡快落patch啦！
https://tp2rc.tanet.edu.tw/node/902

【漏洞預警】Microsoft Windows作業系統存在高風險安全漏洞(CVE-2024-38063)，請儘速確認並進行修補 [內容說明:] 轉發 國家資安資訊分享與分析中心 NISAC-200-202408-00000033 研究人員發現部分Microsoft作業系統存在遠端執行程式碼 (Remote Code Ex*****on)漏洞(CVE-2024-38063)，未經身分鑑別之遠端攻擊者可藉由重複發送特製IPv6封包觸發漏洞，.....

你的API保護了嗎？ 可以找我們了解。
https://www.wepro180.com/akamai-報告揭示-近三成網絡攻擊以api為目標/?fbclid=IwZXh0bgNhZW0BMAABHamzCOZjoNjyVcL6kACrxs4trhdEDHM1FCKtwKvRs9edQLXq4_g2As1CDA_aem__Z4N98kx2KdUJsKXbfgtwg

Different WAF and how to bypass WAF are explained
https://mp.weixin.qq.com/s/V-fkTyFFKshXSCiaT24Xeg

mp.weixin.qq.com

Another data breach incident
https://cyberpress.org/toyota-data-leak/?amp=1

TOYOTA Allegedly Breach - 240 GB of Data Leaked Online Cyber Press Researchers discovered a significant data leak at Toyota US, followed by a major data breach.

EDR 殺手😱
https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/?amp=1

Ransomware attackers introduce new EDR killer to their arsenal Sophos discovers the threat actors behind RansomHub ransomware using EDRKillShifter in attacks

HK security incidents. You may be one of the victims.

https://www.hk01.com/%E7%A4%BE%E6%9C%83%E6%96%B0%E8%81%9E/1047634/%E6%A8%82%E6%96%BD%E6%9C%83%E9%81%AD%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5-%E6%B6%89%E6%AF%85%E8%A1%8C%E8%80%85%E7%B3%BB%E7%B5%B1-%E7%A7%81%E9%9A%B1%E7%BD%B2%E6%8E%A5%E9%80%9A%E5%A0%B1%E6%96%9947%E8%90%AC%E4%BA%BA%E5%8F%97%E5%BD%B1%E9%9F%BF?utm_source=01appshare&utm_medium=referral

樂施會遭黑客入侵　涉毅行者系統　私隱署接通報料47萬人受影響 最近不少機構都懷疑出現資料外洩風險。香港樂施會上月公布，發現電腦系統遭網絡攻擊，涉事系統包括樂施毅行者。私隱專員公署今日（14日）表示，已

Another major data leakage incident
https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/

Hackers leak 2.7 billion data records with Social Security numbers Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.

Patch available and advice to deactivate the Remote Desktop Licensing Service if not needed

https://borncity.com/win/2024/08/09/windows-server-at-risk-from-poc-exploit-for-cve-2024-38077/

Windows Server at risk from PoC exploit for CVE-2024-38077 [German]Another follow-up to the July 2024 patchday, in which Microsoft closed the vulnerability CVE-2024-38077 in the Windows Remote Desktop Licensing (RDL) service of Windows Server. This is a Remote Code Ex*****on (RCE) vulnerability that has been rated with a CVSS 3.1 score of 9.8. Anyone who ha...

This is the potential hacker entry point. Continuous monitoring and detection is necessary to reduce the risk.
———— the extract from the news ————
“The firewall might be not strong enough or not updated, or there might be some loopholes with the software systems,” he said. “It could also be a staff member who accidentally clicked on a phishing email.”

amp-scmp-com.cdn.ampproject.org

今天到香港警察總部交流，原来今年至今網安事故已經多於上年的一倍😱
大家不要掉已輕心

Crowdstrike user must take action now. A temporary fix can be found below:
Cyberstike has given users a potential way to fix their systems.
Boot Windows into Safe Mode or the Windows Recovery Environment (you can do that by holding down the F8 key before the Windows logo flashes on screen)
Navigate to the C:WindowsSystem32driversCrowdstrike directory
Locate the file matching “C-00000291*.sys” file, right click and rename it to “C-00000291*.renamed”
Boot the host normally.
Good luck!

https://www.dailymail.co.uk/news/article-13650443/Australias-Microsoft-outage-Crowdstrike-crisis-LIVE-Minute-minute-updates-bizarre-issue-brings-TV-stations-banks-Qantas-Woolworths-more.html

Australia's Microsoft outage crisis: Minute-by-minute updates Follow Daily Mail Australia's live coverage of the nationwide cyber outage.

More crypto mining malwares when the currency value is getting higher.
https://thehackernews.com/2024/06/8220-gang-exploits-oracle-weblogic.html?m=1

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining 8220 Gang exploits Oracle WebLogic Server flaws using fileless ex*****on techniques to drop XMRig miner payload.

國家權威 CISP 網絡安全證書課程8月班，有興趣請與我們聯絡。
詳情可瀏覽以下網址：
https://topsoc.com.mo/cisp-2024augustclass/

Hacking will be happened in different industries. Be aware!
https://inews.hket.com/article/3774534/%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%EF%BD%9C%E5%8C%A1%E6%99%BA%E6%9C%83%E5%9C%B0%E5%8D%80%E6%94%AF%E6%8F%B4%E4%B8%AD%E5%BF%83%E6%98%A8%E7%99%BC%E7%8F%BE%E9%81%AD%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5%E3%80%80%E5%8D%B3%E6%99%82%E4%B8%AD%E6%96%B7%E4%BC%BA%E6%9C%8D%E5%99%A8%E9%80%A3%E7%B5%90

黑客入侵｜匡智會地區支援中心昨發現遭黑客入侵　即時中斷伺服器連結 - 香港經濟日報 - 即時新聞頻道 - 科技 匡智殘疾人士地區支援中心於6月11日早上發現，轄下兩間分別位於北區及觀塘西的殘疾人士地區支援中心的伺服器遭黑客入侵，導致系統未能正常運作，部份內部文件被上鎖。該會表示，發現事件後已即時中斷伺服器連結，

Please join us to learn the latest technology on AI and Cloud security

在21世紀，雲端應用逐步增多，相應的雲端安全威脅也愈加嚴峻。本中心聯同資訊系統審計與控制協會（澳門分會）、亞馬遜網路服務公司、雲端安全聯盟和高信資訊安全有限公司合辦“利用人工智能及機器學習提高高階雲端防禦力”研討會，內容是探討人工智能和機器學習在偵測和回應高階雲端威脅及其防禦。

研討會定於2024年6月18日，下午2時30分假澳門新濠影滙明星匯三樓會議廳 VI & VII舉行。詳情和報名，請參閱以下宣傳海報.

見報第二單，使用更新的技術作案會越來越越嚴重，要做好保護措施及安全意識培訓是關鍵。
https://amp-scmp-com.cdn.ampproject.org/c/s/amp.scmp.com/news/hong-kong/law-and-crime/article/3264684/hong-kong-employee-tricked-paying-out-hk4-million-after-video-call-deepfake-chief-financial-officer

amp-scmp-com.cdn.ampproject.org

Be careful when you use these tools…
https://gbhackers-com.cdn.ampproject.org/c/s/gbhackers.com/weaponized-winscp-putty/amp/

gbhackers-com.cdn.ampproject.org

見報的網安事故有不少，應該是不見報的冰山一角
https://news.now.com/urgentnews.jsp?taskId=36463

【最新】公司註冊處電子服務網站洩露11萬人資料，包括姓名、電話和身份證號碼等 【最新】公司註冊處電子服務網站洩露11萬人資料，包括姓名、電話和身份證號碼等

安全事故越來越多，做好保護措施最實際。 https://www.881903.com/news/local/2531785/%E5%85%AD%E7%A6%8F%E7%8F%A0%E5%AF%B6%E6%9C%83%E5%93%A1%E8%B3%87%E6%96%99%E5%BA%AB%E7%96%91%E9%81%AD%E9%BB%91%E5%AE%A2%E5%85%A5%E4%BE%B5-%E5%85%AD%E7%A6%8F%E6%9C%AA%E7%A2%BA%E5%AE%9A%E6%98%AF%E5%90%A6%E5%A4%96%E6%B4%A9

六福珠寶會員資料庫疑遭黑客入侵 六福：未確定是否外洩｜本地｜商業電台 881903 六福珠寶會員資料庫疑遭黑客入侵 六福：未確定是否外洩六福珠寶的會員資料庫懷疑被黑客入侵，資料庫被放上暗網放售。據了解，外洩的資料涉及

Education sector is at very high risk. Contact us today to learn how we can provide top-notch protection within your budget.

https://hongkongfp.com/2024/05/10/hackers-steal-data-on-8100-hong-kong-students-amid-wave-of-cyberattacks/

Hackers steal data on 8,100 Hong Kong students amid wave of cyberattacks Personal details of more than 8,000 students at a private Hong Kong college have been stolen and reportedly posted on the dark web, the latest in a spate of cyberattacks in the city which have spar…

It is getting more and more security incidents nowadays. It means hacking activities are getting more and non stop. Be prepared. Contact us today to learn how we can provide top-notch protection within your budget.
https://cybersecuritynews-com.cdn.ampproject.org/c/s/cybersecuritynews.com/dell-hacked/amp/

Dell Hacked - 49 Million Customers Data Affected Dell Technologies is investigating a data breach incident involving a company portal containing limited customer information related to purchases.

中小企業網絡安全風險越來越嚴重！
https://www.am730.com.hk/本地/am專題-ai黑客攻擊加劇中小企易成目標-20-中小企無網絡保安預算/446034?utm_source=am730appshare&utm_medium=copy_link

又一單勒索軟件攻擊比較影響大的事故。我哋近排都處理咗3單勒索軟件成功攻擊個案，建議大家快啲加強保護，免為下一個受害者。

https://www.hk01.com/社會新聞/1012034/仁安醫院遭黑客入侵索千萬美元-連日改人手操作-醫護憂易出錯