360-CERT每日安全简报
Daily Security Briefing
2021-08-19 星期四
漏洞 Vulnerability
iCloud for Windows 12.5 安全更新
https://support.apple.com/en-us/HT212607
Realtek AP-Router SDK 安全更新
https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdf
安全事件 Security Incident
T-Mobile 确认系统遭到破坏
https://www.databreachtoday.com/t-mobile-probes-attack-confirms-systems-were-breached-a-17303
Colonial Pipeline公布数据泄露影响人数
https://heimdalsecurity.com/blog/colonial-pipeline-data-breach-impacts-hundreds-of-individuals/
福特漏洞暴露了内部系统的客户和员工记录
https://www.bleepingcomputer.com/news/security/ford-bug-exposed-customer-and-employee-records-from-internal-systems/
新的 Trickbot 攻击伪造 1Password 安装程序以提取数据
https://www.hackread.com/trickbot-installs-fake-1password-manager-extract-data/
影响 Realtek Wi-Fi SDK 的多个缺陷影响近百万物联网设备
https://thehackernews.com/2021/08/multiple-flaws-affecting-realtek-wi-fi.html
发现了数十个STARTTLS相关漏洞,影响了流行的电子邮件客户端
https://thehackernews.com/2021/08/dozens-of-starttls-related-flaws-found.html
来自 FBI 恐怖分子观察名单的 190 万多条记录可在线获取
https://securityaffairs.co/wordpress/121213/data-breach/fbi-terrorist-watchlist-leak.html
一个数据交易论坛出售属于立陶宛外交部的电子邮件
https://heimdalsecurity.com/blog/a-data-trading-forum-allegedly-sells-emails-belonging-to-lithuanian-ministry-of-foreign-affairs/
新的伊朗组织Siamesekitten发起的网络间谍活动
https://www.clearskysec.com/siamesekitten/
Confucius利用与 Pegasus 间谍软件相关的诱饵攻击巴基斯坦军方
https://www.trendmicro.com/en_us/research/21/h/confucius-uses-pegasus-spyware-related-lures-to-target-pakistani.html
APT29—觊觎全球情报的国家级黑客组织(下)
https://mp.weixin.qq.com/s/GBGJ1WOVsQCpVTY9audJPA
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn