360CERT - 每日安全简报 (2021-05-20)

<<Previous Next>>

漏洞 Vulnerability

Windows TokenMagic 权限提升漏洞 msf 利用代码公开

https://packetstormsecurity.com/files/162605/Microsoft-Windows-TokenMagic-Privilege-Escalation.html

rxvt/rxvt-unicode 本地命令执行漏洞

https://packetstormsecurity.com/files/162621/rxvt-2.7.0-rxvt-unicode-9.22-Code-Execution.html

安全事件 Security Incident

一路向北：Konni APT组织以“朝鲜局势”相关主题为诱饵对俄进行持续定向攻击活动

https://mp.weixin.qq.com/s/DDLLGwumDATr4fRsYtYjQw

APT组织白皮书—来自黎巴嫩的Volatile Cedar

https://mp.weixin.qq.com/s/vJ9AF-dOnmvkq-lY5G7-Vw

“Operation Magichm” 浅谈蔓灵花组织的CHM文件投放与后续操作

https://mp.weixin.qq.com/s/adVxC5CgfHoI8_2dKmUGKw

Codecov黑客获得了Monday.com源代码的访问权限

https://www.bleepingcomputer.com/news/security/codecov-hackers-gained-access-to-mondaycom-source-code/

仅仅9个月，Darkside勒索软件团伙获利9000万美元

https://www.zdnet.com/article/after-just-9-months-darkside-ransomware-gang-brings-in-90-million-in-bitcoin/

Magecart Skimming战术演变

https://blog.malwarebytes.com/cybercrime/2021/05/newly-observed-php-based-skimmer-shows-ongoing-magecart-group-12-activity/

<<Previous Next>>