10月20日每日安全热点 - 新组织Harvester使用新工具攻击南亚组织

2021-10-20 09:30:41 360安全客安全资讯 7558 4

漏洞 Vulnerability

CVE-2021-41154: Tuleap SQL 注入漏洞

https://tuleap.net/plugins/tracker/?aid=16213

CVE-2021-20836: CX-Supervisor 越界读取漏洞

https://jvn.jp/en/vu/JVNVU90041391/index.html

安全事件 Security Incident

新型国产“阎罗王”勒索针对高收入企业进行攻击

https://www.bleepingcomputer.com/news/security/new-yanluowang-ransomware-used-in-targeted-enterprise-attacks/

Sodinokibi(REvil)支付站点和数据泄露网站遭遇劫持，被迫关闭

https://www.bleepingcomputer.com/news/security/revil-ransomware-shuts-down-again-after-tor-sites-were-hijacked/

辛克莱广播集团遭遇勒索病毒攻击，多地电视台被迫关闭

https://www.bleepingcomputer.com/news/security/ransomware-attack-likely-behind-sinclair-tv-stations-downtime/

辛克莱电视台因周末勒索软件袭击而瘫痪

https://www.bleepingcomputer.com/news/security/sinclair-tv-stations-crippled-by-weekend-ransomware-attack/

REvil勒索软件的Tor站点被劫持

https://heimdalsecurity.com/blog/revil-ransomwares-tor-sites-were-hijacked/

Thingiverse漏洞：50000台3D打印机面临劫持风险

https://www.databreachtoday.com/thingiverse-breach-50000-3d-printers-faced-hijacking-risk-a-17749

Lyceum针对突尼斯的电信和航空公司的攻击活动

https://securelist.com/lyceum-group-reborn/104586/

新组织Harvester使用新工具攻击南亚组织

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/harvester-new-apt-attacks-asia

蔓灵花APT组织针对军工行业新近攻击活动分析

https://mp.weixin.qq.com/s/XVwQ65Ta4L8uG0rlJ7XOqQ

（完）