漏洞 Vulnerability 360CERT发布全网受Log4j库漏洞影响的厂商自查列表 https://cert.360.cn/report/detail?id=972e3b6b433ca2b15edb2abdbeb94cfe Rh-PostgreSQL12-PostgreSQL的Red Hat软件集合更新 https://access.redhat.com/errata/RHSA-2021:5197 安全事件 Security Incident 顶级员工管理公司Kronos遭受勒索软件攻击 https://www.hackread.com/workforce-management-firm-kronos-ransomware-attack/ “Seedworm”袭击者袭击亚洲、中东的电信公司 https://threatpost.com/seedworm-attackers-telcos-asia-middle-east/176992/ 利用Log4Shell的StealthLoader恶意软件 https://research.checkpoint.com/2021/stealthloader-malware-leveraging-log4shell/ Superior Plus是被勒索软件袭击的最新燃料供应商 https://www.databreachtoday.com/superior-plus-latest-fuel-supplier-hit-by-ransomware-a-18128 Anubis安卓恶意软件卷土重来，主要针对金融机构 https://heimdalsecurity.com/blog/anubis-android-malware-is-back-and-it-is-focusing-on-financial-institutions/ 用于窃取Microsoft Exchange凭据的IIS可扩展Web服务器 https://heimdalsecurity.com/blog/iis-extensible-web-server-used-to-steal-microsoft-exchange-credentials/ 弗吉尼亚州大会的IT部门遭到勒索软件攻击 https://thehill.com/policy/cybersecurity/585705-virginia-general-assemblys-it-unit-hit-by-ransomware-attack 对BHG类阿片治疗网络的网络攻击扰乱了患者护理 https://www.bleepingcomputer.com/news/security/cyberattack-on-bhg-opioid-treatment-network-disrupts-patient-care/ BlackTech组织对国内企业APT攻击分析 http://it.rising.com.cn/anquan/19843.html MuddyWater滥用Slack API窃取航空公司数据 https://securityintelligence.com/posts/nation-state-threat-group-targets-airline-aclip-backdoor/ 攻击者利用Owowa攻击亚洲的政府组织 https://securelist.com/owowa-credential-stealer-and-remote-access/105219/