安全事件 Security Incident APT35的新PowerShell后门PowerLess https://www.cybereason.com/blog/powerless-trojan-iranian-apt-phosphorus-adds-new-powershell-backdoor-for-espionage Moses Staff为勒索软件活动增加了新木马 https://www.cybereason.com/blog/strifewater-rat-iranian-apt-moses-staff-adds-new-trojan-to-ransomware-operations Gameredon继续对乌克兰进行网络间谍攻击 https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-gamaredon-espionage-ukraine MuddyWater通过恶意PDF、可执行文件攻击土耳其用户 https://blog.talosintelligence.com/2022/01/iranian-apt-muddywater-targets-turkey.html 新APT组织White Tur https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/threat-actor-of-in-tur-est.html Arid Viper利用以政治为主题的网络钓鱼邮件、恶意软件攻击巴勒斯坦 https://blog.talosintelligence.com/2022/02/arid-viper-targets-palestine.html Antlion组织利用定制化后门攻击中国台湾的金融机构 https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/china-apt-antlion-taiwan-financial-attacks Gamaredon组织继续攻击乌克兰 https://unit42.paloaltonetworks.com/gamaredon-primitive-bear-ukraine-update-2021/ TEMP_Heretic组织利用Zimbra的零日漏洞发起攻击 https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/ ACTINIUM组织针对乌克兰组织的攻击活动 https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/