360CERT - 每日安全简报 (2021-11-23)

<<Previous Next>>

安全事件 Security Incident

疑似APT-C-55（Kimsuky）组织利用商业软件Web Browser Password Viewer进行攻击

https://mp.weixin.qq.com/s/QDI912ogVKyyKFYdKvBGdQ

“幼象”组织在南亚地区的网络攻击活动分析

https://mp.weixin.qq.com/s/9emBT2btFA811QLRjU54tA

11个恶意PyPI Python库被抓到窃取Discord令牌和安装shell

https://thehackernews.com/2021/11/11-malicious-pypi-python-libraries.html

新Memento勒索团伙利用WinRAR加密恶意文件

https://heimdalsecurity.com/blog/memento-ransomware-group-winrar-archives/

研究人员入侵了Conti gang的支付网站

https://securityaffairs.co/wordpress/124837/cyber-crime/payment-portal-conti-gang-compromised.html

加州Pizza Kitchen遭遇数据泄露

https://securityaffairs.co/wordpress/124785/data-breach/california-pizza-kitchen-data-breach.html

Sea Mar医疗数据被盗影响68万患者

https://www.scmagazine.com/analysis/breach/months-long-hack-theft-of-sea-mar-healthcare-data-impacts-688k-patients

CKEditor漏洞对Drupal和其他下游应用程序构成XSS威胁

https://portswigger.net/daily-swig/ckeditor-vulnerabilities-pose-xss-threat-to-drupal-and-other-downstream-applications

600万Sky路由器在17个月内面临接管攻击

https://www.bleepingcomputer.com/news/security/six-million-sky-routers-exposed-to-takeover-attacks-for-17-months/

假的TSA预检网站用假的续签合同欺骗美国旅客

https://www.bleepingcomputer.com/news/security/fake-tsa-precheck-sites-scam-us-travelers-with-fake-renewals/

<<Previous Next>>