360CERT - 每日安全简报 (2021-11-29)

<<Previous Next>>

漏洞 Vulnerability

Symfony 安全更新

https://github.com/symfony/symfony/releases/tag/v5.3.12

安全事件 Security Incident

海上服务提供商Swire Pacific Offshore被Clop勒索软件袭击

https://securityaffairs.co/wordpress/125034/cyber-crime/swire-pacific-offshore-clop-ransomware.html

宜家电子邮件系统遭受持续的网络攻击

https://www.bleepingcomputer.com/news/security/ikea-email-systems-hit-by-ongoing-cyberattack/

TrickBot网络钓鱼检查屏幕分辨率以逃避研究人员

https://www.bleepingcomputer.com/news/security/trickbot-phishing-checks-screen-resolution-to-evade-researchers/

在Gmail和Instagram钓鱼欺诈中利用Microsoft MSHTML漏洞

https://www.hackread.com/microsoft-mshtml-flaw-gmail-instagram-phishing-scam/

VMware解决vCenter Server中的文件读取和SSRF漏洞

https://securityaffairs.co/wordpress/124973/security/vmware-ssrf-vcenter-server.html

新的Linux恶意软件隐藏在日期无效的cron作业中

https://www.bleepingcomputer.com/news/security/new-linux-malware-hides-in-cron-jobs-with-invalid-dates/

双尾蝎APT组织以巴勒斯坦选举热点信息为诱饵的攻击活动分析

https://mp.weixin.qq.com/s/65vzRcusF66Hc4F4O0ZZJw

<<Previous Next>>