360-CERT每日安全简报
Daily Security Briefing
2021-10-20 星期三
漏洞 Vulnerability
CVE-2021-41154: Tuleap SQL 注入漏洞
https://tuleap.net/plugins/tracker/?aid=16213
CVE-2021-20836: CX-Supervisor 越界读取漏洞
https://jvn.jp/en/vu/JVNVU90041391/index.html
安全事件 Security Incident
新型国产“阎罗王”勒索针对高收入企业进行攻击
https://www.bleepingcomputer.com/news/security/new-yanluowang-ransomware-used-in-targeted-enterprise-attacks/
Sodinokibi(REvil)支付站点和数据泄露网站遭遇劫持,被迫关闭
https://www.bleepingcomputer.com/news/security/revil-ransomware-shuts-down-again-after-tor-sites-were-hijacked/
辛克莱广播集团遭遇勒索病毒攻击,多地电视台被迫关闭
https://www.bleepingcomputer.com/news/security/ransomware-attack-likely-behind-sinclair-tv-stations-downtime/
辛克莱电视台因周末勒索软件袭击而瘫痪
https://www.bleepingcomputer.com/news/security/sinclair-tv-stations-crippled-by-weekend-ransomware-attack/
REvil勒索软件的Tor站点被劫持
https://heimdalsecurity.com/blog/revil-ransomwares-tor-sites-were-hijacked/
Thingiverse漏洞:50000台3D打印机面临劫持风险
https://www.databreachtoday.com/thingiverse-breach-50000-3d-printers-faced-hijacking-risk-a-17749
Lyceum针对突尼斯的电信和航空公司的攻击活动
https://securelist.com/lyceum-group-reborn/104586/
新组织Harvester使用新工具攻击南亚组织
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/harvester-new-apt-attacks-asia
蔓灵花APT组织针对军工行业新近攻击活动分析
https://mp.weixin.qq.com/s/XVwQ65Ta4L8uG0rlJ7XOqQ
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn