漏洞 Vulnerability CVE-2021-45105：Apache Log4j 拒绝服务漏洞通告 https://cert.360.cn/warning/detail?id=4e4427335861d0c101b5311c79f87217 Slackware Linux更新httpd http://www.slackware.com/security/viewer.php?l=slackware-security&y=2021&m=slackware-security.507663 安全事件 Security Incident 180万人的信用卡信息从体育用品网站被盗 https://www.bleepingcomputer.com/news/security/credit-card-info-of-18-million-people-stolen-from-sports-gear-sites/ Log4j攻击者转而通过RMI注入Monero矿工 https://www.bleepingcomputer.com/news/security/log4j-attackers-switch-to-injecting-monero-miners-via-rmi/ 伦敦分类广告网站Gumtree因F12而遭遇数据泄露 https://heimdalsecurity.com/blog/london-classified-ads-site-gumtree-experiences-data-breach-due-to-f12-key/ McMenamins 啤酒厂被Conti勒索软件攻击 https://www.bleepingcomputer.com/news/security/mcmenamins-breweries-hit-by-a-conti-ransomware-attack/ 新的PseudoManuscrypt恶意软件在2021年感染了超过35000台电脑 https://thehackernews.com/2021/12/new-pseudomanuscrypt-malware-infected.html Conti勒索软件利用Log4j漏洞入侵VMware vCenter服务器 https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers/ 德国音响技术巨头Sennheiser公司55GB的用户数据泄漏 https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/ TellYouThePass勒索软件在Linux复活，Windows Log4j攻击 https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-revived-in-linux-windows-log4j-attacks/ PurpEx僵尸网络回归 https://securityaffairs.co/wordpress/125725/malware/phorpiex-botnet-return.html 新的DarkHotel APT攻击链被识别 https://www.zscaler.com/blogs/security-research/new-darkhotel-apt-attack-chain-identified