360-CERT每日安全简报
Daily Security Briefing
2021-12-08 星期三
漏洞 Vulnerability
Grafana 任意文件读取漏洞通告
https://cert.360.cn/warning/detail?id=4f2ade611da7d8876ae789eb6c8aa1ed
Google Chrome 发布多个安全漏洞更新
https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html
安全事件 Security Incident
手机银行欺诈:Brata
https://www.cleafy.com/cleafy-labs/mobile-banking-fraud-brata-strikes-again
攻击者从BitMart平台窃取了价值超过1.5亿美元的加密货币代币
https://securityaffairs.co/wordpress/125321/cyber-crime/bitmart-security-breach.html
恶意的Excel XLL插件推送RedLine密码窃取恶意软件
https://www.bleepingcomputer.com/news/security/malicious-excel-xll-add-ins-push-redline-password-stealing-malware/
新的推特网络钓鱼活动针对已验证的帐户
https://www.bleepingcomputer.com/news/security/new-twitter-phishing-campaign-targets-verified-accounts/
Picus威胁库更新为Godzilla Webshell使用APTs利用CVE-2021-44077
https://www.picussecurity.com/resource/blog/godzilla-webshell-used-by-apts-exploiting-cve-2021-44077
We are greeting further cooperation with all parts of security services. If you are interested or have other technical questions relating to cybersecurity, please contact the following:

RSS:daily feed

Email:cert@360.cn

Twitter:@360CERT

or visit cert.360.cn