报告编号:B6-2021-111199
报告来源:360CERT
报告作者:360CERT
更新日期:2021-11-11
Security Incident | 安全事件
Lyceum 利用新恶意软件攻击中东和非洲的 ISP 和电信公司
https://www.prevailion.com/latest-targets-of-cyber-group-lyceum/
针对韩国国防和安全领域专家的攻击活动
https://blog.alyac.co.kr/4255?category=957259
Lazarus 组织的 NukeSped 恶意软件分析报告
https://asec.ahnlab.com/ko/28527/
相煎何急,印 APT 组织蔓灵花针对巴基斯坦政府机构展开定向攻击
http://report.threatbook.cn/BT.pdf
谷歌广告用于窃取凭证和流失账户
https://heimdalsecurity.com/blog/google-ads-used-for-stealing-credentials-and-draining-accounts/
电子产品零售巨头 MediaMarkt 受到勒索软件攻击
https://www.bleepingcomputer.com/news/security/electronics-retail-giant-mediamarkt-hit-by-ransomware-attack/
Hive 勒索软件团伙攻击 MediaMarkt
https://heimdalsecurity.com/blog/hive-ransomware-gang-impacts-mediamarkt/
REvil 勒索软件疑犯在全球警方打击行动中被捕
https://www.databreachtoday.com/revil-ransomware-suspects-snared-in-global-police-crackdown-a-17864
Robinhood 遭到数据泄露和敲诈勒索
https://www.databreachtoday.com/robinhood-reveals-data-breach-extortion-shakedown-a-17869
WooCommerce Skimmer 伪造结账页面
https://blog.sucuri.net/2021/11/woocommerce-skimmer-spoofs-checkout-page.html
Black Shadow 泄露以色列患者记录和数据
https://www.databreachtoday.com/black-shadow-group-leaks-israeli-patient-records-data-a-17866
攻击者使用已知的 Zoho 漏洞危害关键行业的公司
https://www.scmagazine.com/analysis/cyberespionage/campaign-used-known-zoho-bug-to-compromise-firms-across-critical-industries
上个月修补的 Sitecore XP RCE 漏洞现已被积极利用
https://www.bleepingcomputer.com/news/security/sitecore-xp-rce-flaw-patched-last-month-now-actively-exploited/
猜你喜欢:
