360CERT - 每日安全简报 (2021-10-15)

<<Previous Next>>

漏洞 Vulnerability

CVE-2021-3057: Juniper Networks CTPView 安全更新

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11210&cat=SIRT_1&actp=LIST

CVE-2021-3057: PaloAlto GlobalProtect App 安全更新

https://security.paloaltonetworks.com/CVE-2021-3057

CVE-2021-35498: TIBCO EBX 安全更新

https://www.tibco.com/support/advisories/2021/10/tibco-security-advisory-october-13-2021-tibco-ebx-2021-35498

安全事件 Security Incident

CETARAT APT组织攻击政府部门

https://blogs.quickheal.com/cetarat-apt-group-targeting-the-government-agencies/

网络攻击关闭厄瓜多尔最大的银行Banco Pichincha

https://www.bleepingcomputer.com/news/security/cyberattack-shuts-down-ecuadors-largest-bank-banco-pichincha/

巴西市场集成商Hariexpress披露了17.5亿条记录

https://www.hackread.com/brazilian-marketplace-integrator-hariexpress-records/

OpenSea中的严重漏洞可能让黑客从钱包中窃取加密货币

https://thehackernews.com/2021/10/critical-flaw-in-opensea-could-have-let.html

易受攻击的视频DVR设备现在成为了FreakOut僵尸网络的目标

https://heimdalsecurity.com/blog/vulnerable-video-dvr-devices-now-targeted-by-the-freakout-botnet/

PyPI删除了存在代码执行的mitmproxy2库

https://www.bleepingcomputer.com/news/security/pypi-removes-mitmproxy2-over-code-execution-concerns/

Verizon数字运营商的Visible客户账户遭到黑客攻击

https://www.bleepingcomputer.com/news/security/verizon-digital-carrier-visible-customer-accounts-were-hacked/

<<Previous Next>>