Peretas China pasang pintu belakang melalui zero-day email Cisco

Indonesia

Cisco Talos merinci bagaimana kelompok terkait China mengeksploitasi zero-day belum ditambal di perangkat keamanan email sejak akhir November 2025, menyebar pintu belakang dan alat pembersih log untuk akses persisten.

Membangun dari laporan awal 19 Desember, peneliti Cisco Talos ungkap lebih lanjut tentang kampanye zero-day yang menargetkan perangkat keamanan email. Kelompok diduga terkait China melakukan root pada perangkat untuk memasang pintu belakang dan alat hapus log, memungkinkan persistensi diam-diam kemungkinan untuk spionase.

Belum ada tambalan tersedia, mendorong pemantauan darurat aktivitas aneh. Ini selaras dengan pola serangan disponsori negara pada perangkat keras jaringan, menekankan risiko zero-day dalam pertahanan perusahaan.

Artikel Terkait

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
Gambar dihasilkan oleh AI

Linux CopyFail exploit threatens root access amid Ubuntu outage

Dilaporkan oleh AI Gambar dihasilkan oleh AI

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

FBI urges router security steps after Russian GRU attacks

US federal agencies have disclosed that Russian military intelligence compromised thousands of small office and home routers, urging owners to take immediate protective measures.

Trend Micro Apex One zero-day exploited in the wild

Dilaporkan oleh AI

A newly discovered flaw in Trend Micro's Apex One allows hackers to inject malicious code. The zero-day vulnerability is being actively exploited.

Linux

US government issues urgent CopyFail warning as Linux patches roll out

Technology

ShinyHunters exploits critical PeopleSoft zero-day vulnerability

Technology

Microsoft warns of password reset exploits by hackers

Zero-day exploit bypasses default windows 11 bitlocker encryption

A newly published zero-day exploit allows attackers with physical access to bypass BitLocker encryption on Windows 11 devices in seconds. The attack, named YellowKey, targets the default TPM-only configuration and grants full access to encrypted drives via a simple USB-based method.

18 Juni 2026 00.38

Massive Fortinet breach exposes credentials of major organizations

20 Mei 2026 21.38

Google publishes exploit code for unfixed chromium vulnerability

15 Mei 2026 14.22

Security researchers breach macOS using Anthropic AI tool

05 Mei 2026 12.10

Daemon Tools app hit by monthlong supply-chain attack

07 April 2026 17.23

Western agencies warn of russian hackers on tp-link routers

Situs web ini menggunakan cookie

Kami menggunakan cookie untuk analisis guna meningkatkan situs kami. Baca kebijakan privasi kami untuk informasi lebih lanjut.
Tolak