报告编号:B6-2021-052799
报告来源:360CERT
报告作者:360CERT
更新日期:2021-05-27
1 Vulnerability|漏洞
CVE-2021-21985: VMware vCenter Server远程代码执行漏洞
https://cert.360.cn/warning/detail?id=21bda4287b2b47416e93cc7817bf4a1a
CVE-2021-21974:VMware ESXI OpenSLP堆溢出漏洞POC公开
https://straightblast.medium.com/my-poc-walkthrough-for-cve-2021-21974-a266bcad14b9
CVE-2021-23017:Nginx DNS解析器堆写入漏洞
http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
2 Security Incident|安全事件
APT41组织滥用Microsoft数字签名进行恶意活动
https://www.lac.co.jp/lacwatch/report/20210521_002618.html
从Wiper到Ransomware | 伊朗Agrius组织的演化
https://assets.sentinelone.com/sentinellabs/evol-agrius
APT组织白皮书—来自加沙地区的Molerats
https://mp.weixin.qq.com/s/OxtOiqrb9lcGhwJtXqmuZg
担心遭受黑客以金融交易和报酬为名发起的攻击
https://blog.alyac.co.kr/3799?category=957259
Lazarus 发起的"Operation Dream Job" 攻击是什么?
https://resources.infosecinstitute.com/topic/what-is-operation-dream-job-by-lazarus/
英国保险公司从勒索软件攻击中恢复
https://www.databreachtoday.com/uk-insurer-recovering-from-ransomware-attack-a-16736
俄罗斯暗网市场Hydra加密货币交易在2020年达到13.7亿美元
猜你喜欢: