360-CERT每日安全简报
Daily Security Briefing
2021-11-25 星期四
漏洞 Vulnerability
Apache JSPWiki 多个安全漏洞
https://jspwiki.apache.org/
安全事件 Security Incident
GoDaddy hack导致数据泄露影响120万客户
https://www.bleepingcomputer.com/news/security/godaddy-hack-causes-data-breach-affecting-12-million-customers/
犹他州成像协会数据泄露影响583643名患者
https://securityaffairs.co/wordpress/124886/data-breach/utah-imaging-associates-data-breach.html
风力涡轮机巨头维斯塔斯的数据在网络攻击中受损
https://www.bleepingcomputer.com/news/security/wind-turbine-giant-vestas-data-compromised-in-cyberattack/
Squirrelwaffle利用ProxyShell和ProxyLogon劫持电子邮件链
https://www.trendmicro.com/en_us/research/21/k/Squirrelwaffle-Exploits-ProxyShell-and-ProxyLogon-to-Hijack-Email-Chains.html
英国政府警告数千家中小企业他们的在线商店遭到黑客攻击
https://www.bleepingcomputer.com/news/security/uk-govt-warns-thousands-of-smbs-their-online-stores-were-hacked/
黑客滥用Glitch平台窃取凭证
https://www.databreachtoday.com/hackers-abusing-glitch-platform-to-steal-credentials-a-17968
Tardigrade黑客用秘密恶意软件瞄准大型制药疫苗制造商
https://www.bleepingcomputer.com/news/security/tardigrade-hackers-target-big-pharma-vaccine-makers-with-stealthy-malware/
APT-C-23的Android间谍软件新变种
https://news.sophos.com/en-us/2021/11/23/android-apt-spyware-targeting-middle-east-victims-improves-its-capabilities/
“肚脑虫”组织近期利用Google云盘分发新款恶意插件的攻击活动分析
https://mp.weixin.qq.com/s/J2FL52rVX2tTCODdwIin4Q
威胁组织利用Tardigrade恶意软件攻击疫苗生产基础设施
https://www.isac.bio/post/tardigrade
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn