漏洞 Vulnerability Linux 内核 BPF 内核地址泄漏漏洞安全更新 https://www.openwall.com/lists/oss-security/2021/08/01/3 安全事件 Security Incident DoppelPaymer勒索软件重命名为Grief卷土重来 https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-gang-rebrands-as-the-grief-group/ 猎天行动——CNC（APT-C-48）组织最新攻击活动披露 https://mp.weixin.qq.com/s/dMFyLxsErYUZX7BQyBL9YQ 攻击技术研判｜Lazarus结合NDay投递VBA恶意远控的攻击分析 https://mp.weixin.qq.com/s/x7L3R9iQdnrnEKpfop92Gg 朝鲜组织 Thallium 利用 PDF 文档漏洞进行攻击 https://blog.alyac.co.kr/3970?category=957259 分发标题为“BIO 表格”的 Word 文档 https://asec.ahnlab.com/ko/25861/ PyPI 包被发现窃取信用卡号、Discord 令牌 https://www.bleepingcomputer.com/news/security/pypi-packages-caught-stealing-credit-card-numbers-discord-tokens/ Linux eBPF 漏洞在 Ubuntu 上获得 root 权限 – 漏洞利用已发布 https://www.bleepingcomputer.com/news/security/linux-ebpf-bug-gets-root-privileges-on-ubuntu-exploit-released/ 专家发现与 WellMess 恶意软件相关的多个 C&C 服务器 https://thehackernews.com/2021/07/experts-uncover-several-c-servers.html SolarWinds 黑客入侵 27 个州检察官办公室 https://securityaffairs.co/wordpress/120704/cyber-warfare-2/solarwinds-hackers-breached-state-attorneys-offices.html 攻击者泄露了从 EA 窃取的数据，包括 FIFA 代码 https://securityaffairs.co/wordpress/120711/data-breach/ea-stolen-data-leaked.html