漏洞 Vulnerability
CVE-2020-17518/17519:Apache Flink 目录遍历漏洞
https://cert.360.cn/warning/detail?id=b985a81d0fbcfd531a686a4c2d56d489
安全工具 Security Tools
zznop/drow elf注入工具
安全资讯 Security Information
美国司法部确认其邮件系统遭到SolarWinds供应链攻击
https://securityaffairs.co/wordpress/113108/data-breach/solarwinds-hackers-o365-mailboxes.html
多个游戏公司的员工账户信息在暗网销售
https://www.welivesecurity.com/2021/01/05/breached-employee-credentials-gaming-companies/
恶意软件 Malware
QNode木马通过邮件进行投放
https://securityaffairs.co/wordpress/113088/cyber-crime/qnode-rat-attack.html
ElectroRat 勒索软件窃取感染用户的电子货币钱包
https://www.hackread.com/electrorat-crypto-stealing-malware-hits-macos-windows-linux-devices/
安全事件 Security Incident
Nissan git仓库源代码泄漏
https://www.zdnet.com/article/nissan-source-code-leaked-online-after-git-repo-misconfiguration/
安全研究 Security Research
Lokibot感染链深入分析
https://blog.talosintelligence.com/2021/01/a-deep-dive-into-lokibot-infection-chain.html
经典漏洞回顾-Microsoft Windows Win32k本地提权漏洞分析 CVE-2015-0057
(完)