漏洞 Vulnerability CVE-2021-37608: Apache OFBiz任意文件上传漏洞 https://www.mail-archive.com/[email protected]/msg06678.html CVE-2021-37690: Tensorflow UAF漏洞 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg 安全事件 Security Incident TeamTNT新变种通过ELF打包bash脚本，利用Hadoop ResourceManager RCE 传播 https://blog.netlab.360.com/wei-xie-kuai-xun-teamtntxin-huo-dong-tong-guo-gan-ran-wang-ye-wen-jian-ti-gao-chuan-bo-neng-li/ IISpy：微软Web服务器后门 https://www.ehackingnews.com/2021/08/iispy-installs-backdoor-on-microsofts.html 100万张被盗信用卡在暗网曝光 https://www.cnbeta.com/articles/tech/1165047.htm IT咨询巨头埃森哲遭遇Lockbit勒索软件攻击，被勒索3.2亿美元 https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/ Bahamut组织利用钓鱼网站分发Android APK https://blog.cyble.com/2021/08/10/bahamut-threat-group-targeting-users-through-phishing-campaign/ Aggah 使用被攻陷的网站攻击亚洲各地的企业，包括台湾制造业 https://www.anomali.com/blog/aggah-using-compromised-websites-to-target-businesses-across-asia-including-taiwan-manufacturing-industry LOREC53组织分析报告——攻击组件部分 http://blog.nsfocus.net/lorec53-nsfocus/ 冒充统一部，与朝鲜有关的APT攻击出现… “网络攻击注意力变成了工作” https://blog.alyac.co.kr/4009?category=957259