漏洞 Vulnerability Red Hat Enterprise Linux 8.2 firefox 多个漏洞 https://access.redhat.com/errata/RHSA-2021:5016 CVE-2021-43811: Sockeye 框架yaml代码执行漏洞 https://github.com/awslabs/sockeye/pull/964 安全事件 Security Incident SolarWinds黑客一直在悄悄地将目标对准政府、云服务提供商 https://www.scmagazine.com/analysis/cloud/solarwinds-hackers-have-been-quietly-targeting-governments-cloud-providers 俄罗斯支持的高级持久性威胁（APT）组织Nobelium使用的新Ceeloader恶意软件 https://heimdalsecurity.com/blog/new-ceeloader-malware-used/ 微软查获42个中国黑客使用的恶意域名 https://thehackernews.com/2021/12/microsoft-seizes-42-malicious-web.html 330家SPAR商店在网络攻击后关闭或改用现金支付 https://securityaffairs.co/wordpress/125334/uncategorized/spar-stores-cyberattack.html 研究人员透露了巴基斯坦威胁行动组织SideCopy的更多细节 https://heimdalsecurity.com/blog/sidecopy-pakistani-threat-actor-group-targets-afghan-governments/ 假冒KPSPico Windows激活器工具KPSPico窃取加密钱包数据 https://www.hackread.com/fake-kpspico-windows-activator-kpspico-crypto-wallet/ NICKEL针对拉丁美洲和欧洲的政府组织的攻击活动 https://www.microsoft.com/security/blog/2021/12/06/nickel-targeting-government-organizations-across-latin-america-and-europe/ APT37的新Android间谍软件Chinotto https://blog.cyble.com/2021/12/06/apt37-using-a-new-android-spyware-chinotto/