360-CERT每日安全简报
Daily Security Briefing
2021-05-17 星期一
漏洞 Vulnerability
CVE-2021-31922:PulseSecure vTM http请求走私漏洞
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44790/?kA23Z000000boUbSAI
CVE-2021-20025:SonicWall邮件沙箱静态凭证漏洞
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012
CVE-2020-3556:Cisco AnyConnect任意代码执行漏洞官方发布漏洞补丁
https://www.bleepingcomputer.com/news/security/cisco-fixes-6-month-old-anyconnect-vpn-zero-day-with-exploit-code/
安全事件 Security Incident
Colonial在勒索软件攻击后重新开始运营
https://www.databreachtoday.com/colonial-restarts-operations-following-ransomware-attack-a-16576
Verizon Business DBIR 商业数据违规调查报告
https://www.zdnet.com/article/phishing-ransomware-web-app-attacks-dominate-data-breaches-in-2021-says-verizon-business-dbir/
保险巨头CNA在勒索软件攻击后完成所有系统恢复
https://www.bleepingcomputer.com/news/security/insurance-giant-cna-fully-restores-systems-after-ransomware-attack/
化学品分销商向DarkSide勒索软件支付440万美元
https://www.bleepingcomputer.com/news/security/chemical-distributor-pays-44-million-to-darkside-ransomware/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn