漏洞 Vulnerability
CVE-2021-44145:Apache NiFi XML外部实体注入(XXE)漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-44145
CVE-2021-43855:Wiki.js 跨站脚本漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-43855
CVE-2021-43856:Wiki.js 跨站脚本漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-43856
安全事件 Security Incident
被log4j黑客攻击的金融公司ONUS拒绝支付赎金导致200万客户数据泄露
https://www.bleepingcomputer.com/news/security/fintech-firm-hit-by-log4j-hack-refuses-to-pay-5-million-ransom/
LastPass用户主密码已被泄露
https://www.bleepingcomputer.com/news/security/lastpass-users-warned-their-master-passwords-are-compromised/
三星Galaxy商店中存在大量风险软件
https://www.bleepingcomputer.com/news/security/riskware-android-streaming-apps-found-on-samsungs-galaxy-store/
与中国国家支持的黑客相关的新恶意软件Flagpro
https://www.bleepingcomputer.com/news/security/new-flagpro-malware-linked-to-chinese-state-backed-hackers/
RedLine恶意软件将窃取浏览器中保存的密码
https://www.bleepingcomputer.com/news/security/redline-malware-shows-why-passwords-shouldnt-be-saved-in-browsers/
AQUATIC PANDA利用Log4Shell漏洞攻击学术机构
https://www.crowdstrike.com/blog/overwatch-exposes-aquatic-panda-in-possession-of-log-4-shell-exploit-tools/
攻击者利用HP iLO rootkit擦除伊朗组织的服务器
https://threats.amnpardaz.com/en/2021/12/28/implant-arm-ilobleed-a/
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论