360-CERT每日安全简报
Daily Security Briefing
2021-05-31 星期一
漏洞 Vulnerability
CVE-2021-25217: Ubuntu 发布安全更新修复 isc-dhcp 软件包漏洞
https://ubuntu.com/security/notices/USN-4969-1
CVE-2021-33216: CommScope Ruckus IoT 控制器存在隐藏账户
https://korelogic.com/Resources/Advisories/KL-001-2021-007.txt
Apple 修复 watchOS 中的多个漏洞
https://support.apple.com/en-us/HT212533
安全事件 Security Incident
因供应商遭遇勒索病毒攻击,加拿大邮局数据遭遇泄露
https://www.bleepingcomputer.com/news/security/canada-post-hit-by-data-breach-after-supplier-ransomware-attack/
伪装成叙利亚电子政府的Android恶意软件
https://cybleinc.com/2021/05/27/android-trojan-malware-disguised-as-syrian-e-gov-android-app/
NOBELIUM发起的基于电子邮件的新型复杂攻击
https://www.microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/
疑似APT29进行了以选举欺诈为主题的网络钓鱼活动
https://www.volexity.com/blog/2021/05/27/suspected-apt29-operation-launches-election-fraud-themed-phishing-campaigns/
在VSCode扩展中新发现的bug可能会导致供应链攻击
https://thehackernews.com/2021/05/newly-discovered-bugs-in-vscode.html
富士通黑客攻击日本政府机构后大量数据泄露
https://www.bleepingcomputer.com/news/security/japanese-government-agencies-suffer-data-breaches-after-fujitsu-hack/
美国联邦调查局:APT黑客利用Fortinet漏洞破坏了美国地方政府
https://www.bleepingcomputer.com/news/security/fbi-apt-hackers-breached-us-local-govt-by-exploiting-fortinet-bugs/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn