5月17日每日安全热点 - 保险巨头CNA在勒索软件攻击后完成所有系统恢复

2021-05-17 09:30:31 360安全客安全资讯 2209 4

漏洞 Vulnerability

CVE-2021-31922：PulseSecure vTM http请求走私漏洞

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44790/?kA23Z000000boUbSAI

CVE-2021-20025：SonicWall邮件沙箱静态凭证漏洞

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012

CVE-2020-3556：Cisco AnyConnect任意代码执行漏洞官方发布漏洞补丁

https://www.bleepingcomputer.com/news/security/cisco-fixes-6-month-old-anyconnect-vpn-zero-day-with-exploit-code/

安全事件 Security Incident

Colonial在勒索软件攻击后重新开始运营

https://www.databreachtoday.com/colonial-restarts-operations-following-ransomware-attack-a-16576

Verizon Business DBIR 商业数据违规调查报告

https://www.zdnet.com/article/phishing-ransomware-web-app-attacks-dominate-data-breaches-in-2021-says-verizon-business-dbir/

保险巨头CNA在勒索软件攻击后完成所有系统恢复

https://www.bleepingcomputer.com/news/security/insurance-giant-cna-fully-restores-systems-after-ransomware-attack/

化学品分销商向DarkSide勒索软件支付440万美元

https://www.bleepingcomputer.com/news/security/chemical-distributor-pays-44-million-to-darkside-ransomware/

（完）