360-CERT每日安全简报
Daily Security Briefing
2021-07-26 星期一
漏洞 Vulnerability
CVE-2020-36239:Jira Data Center等产品远程代码执行漏洞
https://confluence.atlassian.com/adminjiraserver/jira-data-center-and-jira-service-management-data-center-security-advisory-2021-07-21-1063571388.html
CVE-2021-1600/1601:Cisco Intersight虚拟设备敏感信息泄露漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-iptaclbp-L8Dzs8m8
安全事件 Security Incident
Caliente Bardits传播Bandook恶意软件攻击西班牙组织
https://www.ehackingnews.com/2021/07/caliente-bandits-target-spanish.html
Ransomware勒索软件团伙利用伪造的浏览器更新攻击了CNA的网络
https://www.bleepingcomputer.com/news/security/ransomware-gang-breached-cna-s-network-via-fake-browser-update/
StrongPity APT组首次部署Android恶意软件
https://www.trendmicro.com/en_us/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time.html
TicketClub意大利数据库在暗网提供
https://securityaffairs.co/wordpress/120406/data-breach/ticketclub-italy-data-leak.html
XLoader Windows InfoStealer恶意软件现在升级并攻击macOS系统
https://thehackernews.com/2021/07/xloader-windows-infostealer-malware-now.html
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn