1月14日每日安全热点 - 俄罗斯副部长电子邮件被攻击

360安全客 安全资讯 62176 4

漏洞 Vulnerability
CVE-2021-45608:KCodes NetUSB缓冲区溢出漏洞
https://thehackernews.com/2022/01/new-kcodes-netusb-bug-affect-millions.html
CVE-2021-36774:Apache Kylin权限许可和访问控制问题漏洞
http://vulhub.org.cn/vuln/VHN-398619
安全事件 Security Incident
新的SysJocker后门以Windows、macOS和Linux为目标
https://www.bleepingcomputer.com/news/security/new-sysjocker-backdoor-targets-windows-macos-and-linux/
美国政府警告俄罗斯黑客攻击关键基础设施
https://www.bleepingcomputer.com/news/security/us-govt-warns-of-russian-hackers-targeting-critical-infrastructure/
CISA提醒联邦机构注意仍在利用的古老错误
https://www.bleepingcomputer.com/news/security/cisa-alerts-federal-agencies-of-ancient-bugs-still-being-exploited/
国家黑客在Log4j攻击中使用新的PowerShell后门
https://www.bleepingcomputer.com/news/security/state-hackers-use-new-powershell-backdoor-in-log4j-attacks/
俄罗斯副部长电子邮件被攻击
https://www.bleepingcomputer.com/news/security/hackers-take-over-diplomats-email-target-russian-deputy-minister/
黑客使用云服务分发 Nanocore、Netwire 和 AsyncRAT 恶意软件
https://thehackernews.com/2022/01/hackers-use-cloud-services-to.html
美国网络司令部将MuddyWater与伊朗情报部门关联起来
https://www.cybercom.mil/Media/News/Article/2897570/iranian-intel-cyber-suite-of-malware-uses-open-source-tools/
MuddyWater组织最新攻击活动分析
https://www.sentinelone.com/labs/wading-through-muddy-waters-recent-activity-of-an-iranian-state-sponsored-threat-actor/
疑似海莲花利用Web存档文件部署后门
https://www.netskope.com/blog/abusing-microsoft-office-using-malicious-web-archive-files
KONNI不按套路出牌,使用新手法针对俄罗斯方向持续展开攻击
https://mp.weixin.qq.com/s/AA4dpzwhSyktQGQ83cMHbA
(完)