360-CERT每日安全简报
Daily Security Briefing
2021-06-08 星期二
漏洞 Vulnerability
CVE-2021-33898: Invoice Ninja远程代码执行漏洞
https://github.com/invoiceninja/invoiceninja/issues/5909
CODESYS工业自动化软件中发现10个严重漏洞
https://thehackernews.com/2021/06/10-critical-flaws-found-in-codesys.html
安全事件 Security Incident
Colonial Pipeline被DarkSide攻击,与该公司登录凭证数据泄露相关
https://edition.cnn.com/2021/06/04/politics/colonial-pipeline-ransomware-attack-password/index.html?utm_source=twCNNp&utm_content=2021-06-05T11%3A03%3A08&utm_medium=social&utm_term=link
攻击者扫描未修补的VMware vCenter服务器
https://www.bleepingcomputer.com/news/security/attackers-scan-for-unpatched-vmware-vcenter-servers-poc-exploit-available/
谷歌发现改变芯片内存的新漏洞
https://www.databreachtoday.com/google-finds-new-exploit-that-alters-chip-memory-a-16808
Solarwind黑客利用NativeZone后门攻击24个国家
https://www.hackread.com/solarwinds-hackers-return-nativezone-backdoor/
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn