2月22日每日安全热点 - Kroger出现数据泄露大量员工数据存在风险

360安全客 安全资讯 27750 4

Inspired by 360CERT

漏洞 Vulnerability

微软称CVE-2021-1732在20年夏季已出现在野利用

https://www.bleepingcomputer.com/news/security/recently-fixed-windows-zero-day-actively-exploited-since-mid-2020/

 

Sonicwall发布漏洞更新

https://www.bleepingcomputer.com/news/security/sonicwall-releases-additional-update-for-sma-100-vulnerability/

 

恶意软件 Malware

Google Alert被利用推送伪造Flash更新

https://www.bleepingcomputer.com/news/security/warning-google-alerts-abused-to-push-fake-adobe-flash-updater/

 

安全研究 Security Research

路由器DNS劫持攻击

https://cujo.com/dns-hijacking-attacks-on-home-routers-in-brazil/

 

Laravel RCE

https://zdresearch.com/rce-on-a-laravel-private-program/

 

现代物联网攻击

https://cujo.com/genetics-of-a-modern-iot-attack/

 

安全工具 Security Tools

Blobhunter:微软Azure Blob安全评估工具

https://github.com/cyberark/BlobHunter

 

安全事件 Security Incident

Lakehead大学遭网络攻击后关闭网络

https://www.bleepingcomputer.com/news/security/lakehead-university-shuts-down-campus-network-after-cyberattack/

 

Kroger出现数据泄露大量员工数据存在风险

https://www.bleepingcomputer.com/news/security/kroger-data-breach-exposes-pharmacy-and-employee-data/

 

安全客 Security Geek

谈谈Office Moniker类漏洞和公式编辑器类漏洞

https://www.anquanke.com/post/id/231427

 

浅析UMAS协议

https://www.anquanke.com/post/id/231884

(完)