360CERT - 每日安全简报 (2021-06-29)

<<Previous Next>>

漏洞 Vulnerability

CVE-2021-27850: Apache Tapestry 序列化漏洞PoC公开

https://github.com/kahla-sec/CVE-2021-27850_POC

OpenEXR多个高危漏洞

https://github.com/AcademySoftwareFoundation/openexr/pull/1001/files

安全事件 Security Incident

西部数据NAS设备遭到网络攻击，硬盘遭遇格式化

https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo

Babuk勒索软件生成器遭泄露s

https://therecord.media/builder-for-babuk-locker-ransomware-leaked-online/

OSCORP：新的银行木马出现在安卓银行木马家族

https://www.revelock.com/en/blog/oscorp-new-banking-trojan-has-appeared-in-the-world-of-android-bankers

韩国统一部和国家统一研究所发布与朝鲜有关的kimsuki黑客攻击警告

https://blog.alyac.co.kr/3868?category=957259

新的 Nobelium 攻击活动

https://msrc-blog.microsoft.com/2021/06/25/new-nobelium-activity/

Moleats黑客组织分发LastConn恶意软件

https://isarc.tachyonlab.com/4171

Crackonosh病毒从22.2万台被黑客入侵的电脑中开采了200万美元的门罗币

https://thehackernews.com/2021/06/crackonosh-virus-mined-2-million-of.html

暗网论坛Marketo贩卖大型律师事务所数据

https://securityaffairs.co/wordpress/119405/cyber-crime/marketo-marketplace.html

DreamHost 托管公司暴露了近 10 亿个敏感记录

https://www.hackread.com/dreamhost-hosting-exposed-billion-records/

<<Previous Next>>