漏洞 Vulnerability 2021-10 补丁日: Oracle多个产品漏洞安全风险通告 https://cert.360.cn/warning/detail?id=f1c530e7d479b805ff31afe0798c4448 strongswan 安全更新 https://lists.debian.org/debian-lts-announce/2021/10/msg00014.html 安全事件 Security Incident Karma勒索病毒 https://www.sentinelone.com/labs/karma-ransomware-an-emerging-threat-with-a-hint-of-nemty-pedigree/?__cf_chl_captcha_tk__=pmd_wzCGJ9rzk_sGYrCyHVsDVCVF3H7I6g1FxAQjNeQ4jkc-1634625575-0-gqNtZGzNAyWjcnBszQh9 国家支持的黑客利用定制恶意软件入侵电信公司 https://www.bleepingcomputer.com/news/security/state-backed-hackers-breach-telcos-with-custom-malware/ TikTok通过“我们中间的假”和“蒸汽”服务提供新的玩家目标 https://threatpost.com/tiktok-gamer-targets-among-us-steam/175546/ TeamTNT在Docker Hub上部署恶意Docker映像 https://securityaffairs.co/wordpress/123535/cyber-crime/teamtnt-docker-attack.html PurpleFox添加了使用WebSocket的新后门 https://www.trendmicro.com/en_us/research/21/j/purplefox-adds-new-backdoor-that-uses-websockets.html 通过群发电子邮件运动传播的 FlawedGrace 的新变种 https://thehackernews.com/2021/10/a-new-variant-of-flawedgrace-spreading.html