10月27日每日安全热点 - 乐购网站遭黑客攻击

2021-10-27 09:30:47 360安全客安全资讯 23331 4

漏洞 Vulnerability

F5 Traffix SDC 修复 apache http组件漏洞

https://support.f5.com/csp/article/K20622400

CVE-2021-42258: BQE BillQuick SQL注入漏洞安全更新

https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware

CVE-2021-40865: Apache Storm Worker未受权反序列化漏洞安全更新

https://seclists.org/oss-sec/2021/q4/45

安全事件 Security Incident

针对巴以地区长达三年的攻击活动揭露

https://cert.360.cn/warning/detail?id=80ddef5e537ffed8df378d9267d115d6

NOBELIUM组织的新供应链攻击活动

https://www.microsoft.com/security/blog/2021/10/25/nobelium-targeting-delegated-administrative-privileges-to-facilitate-broader-attacks/

LuoYu组织使用的恶意软件WinDealer

https://blogs.jpcert.or.jp/en/2021/10/windealer.html

乐购网站遭黑客攻击

https://www.cnbeta.com/articles/tech/1194363.htm

黑客利用流行的BillQuick计费软件部署勒索软件

https://thehackernews.com/2021/10/hackers-exploited-popular-billquick.html

微软：自5月以来，俄罗斯SVR至少入侵了14家IT供应链公司

https://www.bleepingcomputer.com/news/microsoft/microsoft-russian-svr-hacked-at-least-14-it-supply-chain-firms-since-may/

（完）