5月8日每日安全热点 - DDoS攻击使比利时政府网站瘫痪

360安全客 安全资讯 70145 4

漏洞 Vulnerability
戴尔修复存在12年的BIOS驱动漏洞
https://thehackernews.com/2021/05/bios-privesc-bug-affects-hundreds-of.html?utm_source=social_share
CVE-2021-1497: Cisco HyperFlex HX命令注入漏洞
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR
安全事件 Security Incident
疑似Kimsuky APT组织利用韩国外交部为诱饵的攻击活动分析
https://mp.weixin.qq.com/s/IcNf4DNdQUPClbpFS9Bn-Q
Kimsuky APT组织使用新型的AppleSeed Android组件伪装成安全软件对韩特定目标进行攻击
https://mp.weixin.qq.com/s/8RgFvA_rOR2nIGxjWbEq-w
FIN8 APT组织新动作:一起“精心布置”的定向窃密活动
https://security.tencent.com/index.php/blog/msg/187
“双头龙”源自海莲花组织?
https://blog.netlab.360.com/rotajakiro_vs_oceanlotus_cn/
Operation TunnelSnake Formerly unknown rootkit used to secretly control networks of regional organizations
https://securelist.com/operation-tunnelsnake-and-moriya-rootkit/101831/
SECTORB GROUP’S THREAT LANDSCAPE IN 2020
https://redalert.nshc.net/2021/04/29/sectorb-groups-threat-landscape-in-2020/
DDoS攻击使比利时政府网站瘫痪
https://www.welivesecurity.com/2021/05/05/belgium-government-websites-offline-ddos-attack/
Qualcomm芯片中的漏洞允许攻击者窥探通话和短信
https://www.scmagazine.com/home/security-news/mobile-security/vulnerability-in-qualcomm-chips-lets-an-attacker-snoop-on-calls-and-texts/
(完)